Solved Audio ads playing from nowhere

[caila]

---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.07.0.1009

(c) Malwarebytes Corporation 2011-2012

OS version: 6.0.6002 Windows Vista Service Pack 2 x86

Account is Administrative

Internet Explorer version: 9.0.8112.16421

Java version: 1.6.0_21

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED
CPU speed: 2.511000 GHz
Memory total: 3084664832, free: 1240199168

---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.07.0.1009

(c) Malwarebytes Corporation 2011-2012

OS version: 6.0.6002 Windows Vista Service Pack 2 x86

Account is Administrative

Internet Explorer version: 9.0.8112.16421

Java version: 1.6.0_21

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED
CPU speed: 2.511000 GHz
Memory total: 3084664832, free: 1251700736

Downloaded database version: v2014.02.04.13
Downloaded database version: v2013.12.18.01
=======================================
Initializing...
------------ Kernel report ------------
02/04/2014 19:35:03
------------ Loaded modules -----------
\SystemRoot\system32\ntkrnlpa.exe
\SystemRoot\system32\hal.dll
\SystemRoot\system32\kdcom.dll
\SystemRoot\system32\PSHED.dll
\SystemRoot\system32\BOOTVID.dll
\SystemRoot\system32\CLFS.SYS
\SystemRoot\system32\CI.dll
\SystemRoot\system32\drivers\Wdf01000.sys
\SystemRoot\system32\drivers\WDFLDR.SYS
\SystemRoot\system32\drivers\acpi.sys
\SystemRoot\system32\drivers\WMILIB.SYS
\SystemRoot\system32\drivers\msisadrv.sys
\SystemRoot\system32\drivers\pci.sys
\SystemRoot\System32\drivers\partmgr.sys
\SystemRoot\system32\drivers\volmgr.sys
\SystemRoot\System32\drivers\volmgrx.sys
\SystemRoot\System32\drivers\mountmgr.sys
\SystemRoot\system32\drivers\nvraid.sys
\SystemRoot\system32\drivers\CLASSPNP.SYS
\SystemRoot\system32\drivers\nvstor32.sys
\SystemRoot\system32\drivers\storport.sys
\SystemRoot\system32\drivers\fltmgr.sys
\SystemRoot\system32\drivers\fileinfo.sys
\SystemRoot\system32\DRIVERS\MpFilter.sys
\SystemRoot\system32\drivers\NIS\1008000.029\SYMEFA.SYS
\SystemRoot\System32\Drivers\PxHelp20.sys
\SystemRoot\System32\Drivers\ksecdd.sys
\SystemRoot\system32\drivers\ndis.sys
\SystemRoot\system32\drivers\msrpc.sys
\SystemRoot\system32\drivers\NETIO.SYS
\SystemRoot\System32\drivers\tcpip.sys
\SystemRoot\System32\drivers\fwpkclnt.sys
\SystemRoot\System32\Drivers\Ntfs.sys
\SystemRoot\system32\drivers\volsnap.sys
\SystemRoot\System32\Drivers\spldr.sys
\SystemRoot\System32\Drivers\mup.sys
\SystemRoot\System32\drivers\ecache.sys
\SystemRoot\system32\drivers\disk.sys
\SystemRoot\system32\drivers\crcdisk.sys
\SystemRoot\system32\DRIVERS\tunnel.sys
\SystemRoot\system32\DRIVERS\tunmp.sys
\SystemRoot\system32\DRIVERS\amdk8.sys
\SystemRoot\system32\DRIVERS\i8042prt.sys
\SystemRoot\system32\DRIVERS\mouclass.sys
\SystemRoot\system32\DRIVERS\PS2.sys
\SystemRoot\system32\DRIVERS\kbdclass.sys
\SystemRoot\system32\DRIVERS\usbohci.sys
\SystemRoot\system32\DRIVERS\USBPORT.SYS
\SystemRoot\system32\DRIVERS\usbehci.sys
\SystemRoot\system32\DRIVERS\HDAudBus.sys
\SystemRoot\system32\DRIVERS\nvmfdx32.sys
\SystemRoot\system32\DRIVERS\cdrom.sys
\SystemRoot\system32\DRIVERS\GEARAspiWDM.sys
\SystemRoot\system32\DRIVERS\AGRSM.sys
\SystemRoot\system32\DRIVERS\USBD.SYS
\SystemRoot\system32\drivers\modem.sys
\SystemRoot\system32\DRIVERS\nvlddmkm.sys
\SystemRoot\system32\DRIVERS\nvBridge.kmd
\SystemRoot\System32\drivers\dxgkrnl.sys
\SystemRoot\System32\drivers\watchdog.sys
\SystemRoot\system32\DRIVERS\serscan.sys
\SystemRoot\system32\DRIVERS\msiscsi.sys
\SystemRoot\system32\DRIVERS\TDI.SYS
\SystemRoot\system32\DRIVERS\rasl2tp.sys
\SystemRoot\system32\DRIVERS\ndistapi.sys
\SystemRoot\system32\DRIVERS\ndiswan.sys
\SystemRoot\system32\DRIVERS\raspppoe.sys
\SystemRoot\system32\DRIVERS\raspptp.sys
\SystemRoot\system32\DRIVERS\rassstp.sys
\SystemRoot\system32\DRIVERS\termdd.sys
\SystemRoot\system32\DRIVERS\swenum.sys
\SystemRoot\system32\DRIVERS\ks.sys
\SystemRoot\system32\DRIVERS\mssmbios.sys
\SystemRoot\system32\DRIVERS\umbus.sys
\SystemRoot\system32\DRIVERS\usbhub.sys
\SystemRoot\System32\Drivers\NDProxy.SYS
\SystemRoot\system32\drivers\RTKVHDA.sys
\SystemRoot\system32\drivers\portcls.sys
\SystemRoot\system32\drivers\drmk.sys
\SystemRoot\System32\Drivers\Fs_Rec.SYS
\SystemRoot\System32\Drivers\Null.SYS
\SystemRoot\System32\Drivers\Beep.SYS
\??\C:\Windows\system32\drivers\avgtpx86.sys
\SystemRoot\System32\drivers\vga.sys
\SystemRoot\System32\drivers\VIDEOPRT.SYS
\SystemRoot\System32\DRIVERS\RDPCDD.sys
\SystemRoot\system32\drivers\rdpencdd.sys
\SystemRoot\System32\Drivers\Msfs.SYS
\SystemRoot\System32\Drivers\Npfs.SYS
\SystemRoot\System32\DRIVERS\rasacd.sys
\SystemRoot\system32\DRIVERS\tdx.sys
\SystemRoot\System32\Drivers\NIS\1008000.029\SYMTDI.SYS
\??\C:\Windows\system32\Drivers\SYMEVENT.SYS
\SystemRoot\System32\Drivers\NIS\1008000.029\SYMNDISV.SYS
\SystemRoot\System32\Drivers\NIS\1008000.029\SYMFW.SYS
\SystemRoot\system32\DRIVERS\smb.sys
\SystemRoot\system32\drivers\afd.sys
\SystemRoot\System32\DRIVERS\netbt.sys
\SystemRoot\system32\DRIVERS\pacer.sys
\SystemRoot\system32\DRIVERS\SymIMv.sys
\SystemRoot\system32\DRIVERS\netbios.sys
\SystemRoot\system32\DRIVERS\wanarp.sys
\SystemRoot\system32\drivers\NIS\1008000.029\SRTSPX.SYS
\SystemRoot\system32\DRIVERS\rdbss.sys
\SystemRoot\system32\drivers\nsiproxy.sys
\??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\ipsdefs\20100312.001\IDSvix86.sys
\SystemRoot\System32\Drivers\dfsc.sys
\SystemRoot\System32\Drivers\NIS\1008000.029\ccHPx86.sys
\SystemRoot\System32\Drivers\NIS\1008000.029\BHDrvx86.sys
\SystemRoot\system32\DRIVERS\udfs.sys
\SystemRoot\system32\DRIVERS\USBSTOR.SYS
\SystemRoot\System32\Drivers\crashdmp.sys
\SystemRoot\System32\Drivers\dump_diskdump.sys
\SystemRoot\System32\Drivers\dump_nvstor32.sys
\SystemRoot\System32\win32k.sys
\SystemRoot\System32\drivers\Dxapi.sys
\SystemRoot\system32\DRIVERS\monitor.sys
\SystemRoot\System32\TSDDD.dll
\SystemRoot\system32\drivers\luafv.sys
\SystemRoot\system32\drivers\WudfPf.sys
\SystemRoot\system32\drivers\spsys.sys
\SystemRoot\system32\DRIVERS\lltdio.sys
\SystemRoot\system32\DRIVERS\rspndr.sys
\SystemRoot\system32\drivers\HTTP.sys
\SystemRoot\System32\DRIVERS\srvnet.sys
\SystemRoot\system32\DRIVERS\bowser.sys
\SystemRoot\System32\drivers\mpsdrv.sys
\SystemRoot\system32\drivers\mrxdav.sys
\SystemRoot\system32\DRIVERS\mrxsmb.sys
\SystemRoot\system32\DRIVERS\mrxsmb10.sys
\SystemRoot\system32\DRIVERS\mrxsmb20.sys
\SystemRoot\System32\DRIVERS\srv2.sys
\SystemRoot\System32\DRIVERS\srv.sys
\SystemRoot\system32\drivers\peauth.sys
\SystemRoot\System32\Drivers\secdrv.SYS
\SystemRoot\System32\drivers\tcpipreg.sys
\??\C:\Program Files\Hewlett-Packard\Media\DVD\000.fcl
\SystemRoot\system32\DRIVERS\NisDrvWFP.sys
\SystemRoot\System32\cdd.dll
\SystemRoot\System32\ATMFD.DLL
\??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{58D5CC33-7066-4F62-9D92-AFB8EDD364FD}\MpKsl63a5669c.sys
\??\C:\Windows\system32\drivers\mbamchameleon.sys
\??\C:\Windows\system32\drivers\MBAMSwissArmy.sys
\Windows\System32\ntdll.dll
----------- End -----------
Done!
<<<1>>>
Upper Device Name: \Device\Harddisk4\DR4
Upper Device Object: 0xffffffff88ee8030
Upper Device Driver Name: \Driver\disk\
Lower Device Name: \Device\00000071\
Lower Device Object: 0xffffffff88ea19a0
Lower Device Driver Name: \Driver\USBSTOR\
<<<1>>>
Upper Device Name: \Device\Harddisk3\DR3
Upper Device Object: 0xffffffff88eeb030
Upper Device Driver Name: \Driver\disk\
Lower Device Name: \Device\00000070\
Lower Device Object: 0xffffffff88ee69a0
Lower Device Driver Name: \Driver\USBSTOR\
<<<1>>>
Upper Device Name: \Device\Harddisk2\DR2
Upper Device Object: 0xffffffff88ee9ac8
Upper Device Driver Name: \Driver\disk\
Lower Device Name: \Device\0000006f\
Lower Device Object: 0xffffffff88ea1030
Lower Device Driver Name: \Driver\USBSTOR\
<<<1>>>
Upper Device Name: \Device\Harddisk1\DR1
Upper Device Object: 0xffffffff88ea1438
Upper Device Driver Name: \Driver\disk\
Lower Device Name: \Device\0000006e\
Lower Device Object: 0xffffffff88ee6030
Lower Device Driver Name: \Driver\USBSTOR\
<<<1>>>
Upper Device Name: \Device\Harddisk0\DR0
Upper Device Object: 0xffffffff86c022a8
Upper Device Driver Name: \Driver\disk\
Lower Device Name: \Device\00000063\
Lower Device Object: 0xffffffff84eb1888
Lower Device Driver Name: \Driver\nvstor32\
<<<2>>>
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xffffffff86c022a8, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\
--------- Disk Stack ------
DevicePointer: 0xffffffff86d05d18, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xffffffff86c022a8, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\
DevicePointer: 0xffffffff86048700, DeviceName: Unknown, DriverName: \Driver\ACPI\
DevicePointer: 0xffffffff84eb1888, DeviceName: \Device\00000063\, DriverName: \Driver\nvstor32\
------------ End ----------
Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
The directory C:\WINDOWS\SYSTEM32\drivers seems inaccessible or encrypted.
Drivers scan is aborted.
Done!
Drive 0
Scanning MBR on drive 0...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: 1549F232

Partition information:

Partition 0 type is Primary (0x7)
Partition is ACTIVE.
Partition starts at LBA: 63 Numsec = 953120322
Partition file system is NTFS
Partition is bootable

Partition 1 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0

Partition 2 type is Primary (0x7)
Partition is NOT ACTIVE.
Partition starts at LBA: 953120385 Numsec = 23647680

Partition 3 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0

Disk Size: 500107862016 bytes
Sector size: 512 bytes

Scanning physical sectors of unpartitioned space on drive 0 (1-62-976753168-976773168)...
Done!
Physical Sector Size: 0
Drive: 1, DevicePointer: 0xffffffff88ea1438, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\disk\
--------- Disk Stack ------
DevicePointer: 0xffffffff88ee6428, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xffffffff88ea1438, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\disk\
DevicePointer: 0xffffffff88ee6030, DeviceName: \Device\0000006e\, DriverName: \Driver\USBSTOR\
------------ End ----------
Physical Sector Size: 0
Drive: 2, DevicePointer: 0xffffffff88ee9ac8, DeviceName: \Device\Harddisk2\DR2\, DriverName: \Driver\disk\
--------- Disk Stack ------
DevicePointer: 0xffffffff88ee6d18, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xffffffff88ee9ac8, DeviceName: \Device\Harddisk2\DR2\, DriverName: \Driver\disk\
DevicePointer: 0xffffffff88ea1030, DeviceName: \Device\0000006f\, DriverName: \Driver\USBSTOR\
------------ End ----------
Physical Sector Size: 0
Drive: 3, DevicePointer: 0xffffffff88eeb030, DeviceName: \Device\Harddisk3\DR3\, DriverName: \Driver\disk\
--------- Disk Stack ------
DevicePointer: 0xffffffff88eebab8, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xffffffff88eeb030, DeviceName: \Device\Harddisk3\DR3\, DriverName: \Driver\disk\
DevicePointer: 0xffffffff88ee69a0, DeviceName: \Device\00000070\, DriverName: \Driver\USBSTOR\
------------ End ----------
Physical Sector Size: 0
Drive: 4, DevicePointer: 0xffffffff88ee8030, DeviceName: \Device\Harddisk4\DR4\, DriverName: \Driver\disk\
--------- Disk Stack ------
DevicePointer: 0xffffffff88eeb7b0, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xffffffff88ee8030, DeviceName: \Device\Harddisk4\DR4\, DriverName: \Driver\disk\
DevicePointer: 0xffffffff88ea19a0, DeviceName: \Device\00000071\, DriverName: \Driver\USBSTOR\
------------ End ----------
Infected: HKLM\SOFTWARE\CLASSES\INTERFACE\{618AAD04-921F-44C2-BE38-C0818AF69861} --> [Adware.Hotbar]
Infected: HKLM\SOFTWARE\CLASSES\TypeLib\{6F098504-CDB1-420F-A2E6-DDC0B835FEDF} --> [Adware.Hotbar]
Infected: HKLM\SOFTWARE\CLASSES\INTERFACE\{B5D2ED96-62F9-4C2C-956D-E425B1F67337} --> [Adware.Hotbar]
Infected: HKLM\SOFTWARE\CLASSES\INTERFACE\{D3A412E8-1E4B-47D2-9B12-F88291F5AFBB} --> [Adware.Hotbar]
Scan Interrupted
Scan was aborted.
Creating System Restore point...
Cleaning up...
Removal scheduling successful. System shutdown needed.
System shutdown occurred
=======================================


---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.07.0.1009

(c) Malwarebytes Corporation 2011-2012

OS version: 6.0.6002 Windows Vista Service Pack 2 x86

Account is Administrative

Internet Explorer version: 9.0.8112.16421

Java version: 1.6.0_21

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED
CPU speed: 2.511000 GHz
Memory total: 3084664832, free: 1713090560

Initializing...
======================
------------ Kernel report ------------
02/04/2014 20:00:05
------------ Loaded modules -----------
\SystemRoot\system32\ntkrnlpa.exe
\SystemRoot\system32\hal.dll
\SystemRoot\system32\kdcom.dll
\SystemRoot\system32\PSHED.dll
\SystemRoot\system32\BOOTVID.dll
\SystemRoot\system32\CLFS.SYS
\SystemRoot\system32\CI.dll
\SystemRoot\system32\drivers\CLASSPNP.SYS
\SystemRoot\System32\drivers\imofugc.sys
\SystemRoot\system32\drivers\Wdf01000.sys
\SystemRoot\system32\drivers\WDFLDR.SYS
\SystemRoot\system32\drivers\acpi.sys
\SystemRoot\system32\drivers\WMILIB.SYS
\SystemRoot\system32\drivers\msisadrv.sys
\SystemRoot\system32\drivers\pci.sys
\SystemRoot\System32\drivers\partmgr.sys
\SystemRoot\system32\drivers\volmgr.sys
\SystemRoot\System32\drivers\volmgrx.sys
\SystemRoot\System32\drivers\mountmgr.sys
\SystemRoot\system32\drivers\nvraid.sys
\SystemRoot\system32\drivers\nvstor32.sys
\SystemRoot\system32\drivers\storport.sys
\SystemRoot\system32\drivers\fltmgr.sys
\SystemRoot\system32\drivers\fileinfo.sys
\SystemRoot\system32\DRIVERS\MpFilter.sys
\SystemRoot\system32\drivers\NIS\1008000.029\SYMEFA.SYS
\SystemRoot\System32\Drivers\PxHelp20.sys
\SystemRoot\System32\Drivers\ksecdd.sys
\SystemRoot\system32\drivers\ndis.sys
\SystemRoot\system32\drivers\msrpc.sys
\SystemRoot\system32\drivers\NETIO.SYS
\SystemRoot\System32\drivers\tcpip.sys
\SystemRoot\System32\drivers\fwpkclnt.sys
\SystemRoot\System32\Drivers\Ntfs.sys
\SystemRoot\system32\drivers\volsnap.sys
\SystemRoot\System32\Drivers\spldr.sys
\SystemRoot\System32\Drivers\mup.sys
\SystemRoot\System32\drivers\ecache.sys
\SystemRoot\system32\drivers\disk.sys
\SystemRoot\system32\drivers\crcdisk.sys
\SystemRoot\system32\DRIVERS\tunnel.sys
\SystemRoot\system32\DRIVERS\tunmp.sys
\SystemRoot\system32\DRIVERS\amdk8.sys
\SystemRoot\system32\DRIVERS\i8042prt.sys
\SystemRoot\system32\DRIVERS\mouclass.sys
\SystemRoot\system32\DRIVERS\PS2.sys
\SystemRoot\system32\DRIVERS\kbdclass.sys
\SystemRoot\system32\DRIVERS\usbohci.sys
\SystemRoot\system32\DRIVERS\USBPORT.SYS
\SystemRoot\system32\DRIVERS\usbehci.sys
\SystemRoot\system32\DRIVERS\HDAudBus.sys
\SystemRoot\system32\DRIVERS\nvmfdx32.sys
\SystemRoot\system32\DRIVERS\cdrom.sys
\SystemRoot\system32\DRIVERS\GEARAspiWDM.sys
\SystemRoot\system32\DRIVERS\AGRSM.sys
\SystemRoot\system32\DRIVERS\USBD.SYS
\SystemRoot\system32\drivers\modem.sys
\SystemRoot\system32\DRIVERS\nvlddmkm.sys
\SystemRoot\system32\DRIVERS\nvBridge.kmd
\SystemRoot\System32\drivers\dxgkrnl.sys
\SystemRoot\System32\drivers\watchdog.sys
\SystemRoot\system32\DRIVERS\serscan.sys
\SystemRoot\system32\DRIVERS\msiscsi.sys
\SystemRoot\system32\DRIVERS\TDI.SYS
\SystemRoot\system32\DRIVERS\rasl2tp.sys
\SystemRoot\system32\DRIVERS\ndistapi.sys
\SystemRoot\system32\DRIVERS\ndiswan.sys
\SystemRoot\system32\DRIVERS\raspppoe.sys
\SystemRoot\system32\DRIVERS\raspptp.sys
\SystemRoot\system32\DRIVERS\rassstp.sys
\SystemRoot\system32\DRIVERS\termdd.sys
\SystemRoot\system32\DRIVERS\swenum.sys
\SystemRoot\system32\DRIVERS\ks.sys
\SystemRoot\system32\DRIVERS\mssmbios.sys
\SystemRoot\system32\DRIVERS\umbus.sys
\SystemRoot\system32\DRIVERS\usbhub.sys
\SystemRoot\System32\Drivers\NDProxy.SYS
\SystemRoot\system32\drivers\RTKVHDA.sys
\SystemRoot\system32\drivers\portcls.sys
\SystemRoot\system32\drivers\drmk.sys
\SystemRoot\System32\Drivers\Fs_Rec.SYS
\SystemRoot\System32\Drivers\Null.SYS
\SystemRoot\System32\Drivers\Beep.SYS
\??\C:\Windows\system32\drivers\avgtpx86.sys
\SystemRoot\System32\drivers\vga.sys
\SystemRoot\System32\drivers\VIDEOPRT.SYS
\SystemRoot\System32\DRIVERS\RDPCDD.sys
\SystemRoot\system32\drivers\rdpencdd.sys
\SystemRoot\System32\Drivers\Msfs.SYS
\SystemRoot\System32\Drivers\Npfs.SYS
\SystemRoot\System32\DRIVERS\rasacd.sys
\SystemRoot\system32\DRIVERS\tdx.sys
\SystemRoot\System32\Drivers\NIS\1008000.029\SYMTDI.SYS
\??\C:\Windows\system32\Drivers\SYMEVENT.SYS
\SystemRoot\System32\Drivers\NIS\1008000.029\SYMNDISV.SYS
\SystemRoot\System32\Drivers\NIS\1008000.029\SYMFW.SYS
\SystemRoot\system32\DRIVERS\smb.sys
\SystemRoot\system32\drivers\afd.sys
\SystemRoot\System32\DRIVERS\netbt.sys
\SystemRoot\system32\DRIVERS\pacer.sys
\SystemRoot\system32\DRIVERS\SymIMv.sys
\SystemRoot\system32\DRIVERS\netbios.sys
\SystemRoot\system32\DRIVERS\wanarp.sys
\SystemRoot\system32\drivers\NIS\1008000.029\SRTSPX.SYS
\SystemRoot\system32\DRIVERS\rdbss.sys
\SystemRoot\system32\drivers\nsiproxy.sys
\??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\ipsdefs\20100312.001\IDSvix86.sys
\SystemRoot\System32\Drivers\dfsc.sys
\SystemRoot\System32\Drivers\NIS\1008000.029\ccHPx86.sys
\SystemRoot\System32\Drivers\NIS\1008000.029\BHDrvx86.sys
\SystemRoot\system32\DRIVERS\udfs.sys
\SystemRoot\system32\DRIVERS\USBSTOR.SYS
\SystemRoot\System32\Drivers\crashdmp.sys
\SystemRoot\System32\Drivers\dump_diskdump.sys
\SystemRoot\System32\Drivers\dump_nvstor32.sys
\SystemRoot\System32\win32k.sys
\SystemRoot\System32\drivers\Dxapi.sys
\SystemRoot\system32\DRIVERS\monitor.sys
\SystemRoot\System32\TSDDD.dll
\SystemRoot\system32\drivers\luafv.sys
\SystemRoot\system32\drivers\WudfPf.sys
\SystemRoot\system32\drivers\spsys.sys
\SystemRoot\system32\DRIVERS\lltdio.sys
\SystemRoot\system32\DRIVERS\rspndr.sys
\SystemRoot\system32\drivers\HTTP.sys
\SystemRoot\System32\DRIVERS\srvnet.sys
\SystemRoot\system32\DRIVERS\bowser.sys
\SystemRoot\System32\drivers\mpsdrv.sys
\SystemRoot\system32\drivers\mrxdav.sys
\SystemRoot\system32\DRIVERS\mrxsmb.sys
\SystemRoot\system32\DRIVERS\mrxsmb10.sys
\SystemRoot\system32\DRIVERS\mrxsmb20.sys
\SystemRoot\System32\DRIVERS\srv2.sys
\SystemRoot\System32\DRIVERS\srv.sys
\SystemRoot\system32\drivers\peauth.sys
\SystemRoot\System32\Drivers\secdrv.SYS
\SystemRoot\System32\drivers\tcpipreg.sys
\??\C:\Program Files\Hewlett-Packard\Media\DVD\000.fcl
\SystemRoot\system32\DRIVERS\WUDFRd.sys
\SystemRoot\System32\cdd.dll
\??\C:\Windows\system32\drivers\mbamchameleon.sys
\??\C:\Windows\system32\drivers\MBAMSwissArmy.sys
\Windows\System32\ntdll.dll
----------- End -----------
Done!
<<<1>>>
Upper Device Name: \Device\Harddisk4\DR4
Upper Device Object: 0xffffffff88e44ac8
Upper Device Driver Name: \Driver\disk\
Lower Device Name: \Device\00000072\
Lower Device Object: 0xffffffff88e49628
Lower Device Driver Name: \Driver\USBSTOR\
<<<1>>>
Upper Device Name: \Device\Harddisk3\DR3
Upper Device Object: 0xffffffff88e44030
Upper Device Driver Name: \Driver\disk\
Lower Device Name: \Device\00000071\
Lower Device Object: 0xffffffff88e41568
Lower Device Driver Name: \Driver\USBSTOR\
<<<1>>>
Upper Device Name: \Device\Harddisk2\DR2
Upper Device Object: 0xffffffff88e45030
Upper Device Driver Name: \Driver\disk\
Lower Device Name: \Device\00000070\
Lower Device Object: 0xffffffff88e499a0
Lower Device Driver Name: \Driver\USBSTOR\
<<<1>>>
Upper Device Name: \Device\Harddisk1\DR1
Upper Device Object: 0xffffffff88e49030
Upper Device Driver Name: \Driver\disk\
Lower Device Name: \Device\0000006f\
Lower Device Object: 0xffffffff88e41030
Lower Device Driver Name: \Driver\USBSTOR\
<<<1>>>
Upper Device Name: \Device\Harddisk0\DR0
Upper Device Object: 0xffffffff86bde8e0
Upper Device Driver Name: \Driver\disk\
Lower Device Name: \Device\00000064\
Lower Device Object: 0xffffffff86045030
Lower Device Driver Name: \Driver\nvstor32\
<<<2>>>
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xffffffff86bde8e0, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\
--------- Disk Stack ------
DevicePointer: 0xffffffff86bde5c8, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xffffffff86bde8e0, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\
DevicePointer: 0xffffffff860454a8, DeviceName: Unknown, DriverName: \Driver\ACPI\
DevicePointer: 0xffffffff86045030, DeviceName: \Device\00000064\, DriverName: \Driver\nvstor32\
------------ End ----------
Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
The directory C:\WINDOWS\SYSTEM32\drivers seems inaccessible or encrypted.
Drivers scan is aborted.
Done!
Drive 0
Scanning MBR on drive 0...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: 1549F232

Partition information:

Partition 0 type is Primary (0x7)
Partition is ACTIVE.
Partition starts at LBA: 63 Numsec = 953120322
Partition file system is NTFS
Partition is bootable

Partition 1 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0

Partition 2 type is Primary (0x7)
Partition is NOT ACTIVE.
Partition starts at LBA: 953120385 Numsec = 23647680

Partition 3 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0

Disk Size: 500107862016 bytes
Sector size: 512 bytes

Scanning physical sectors of unpartitioned space on drive 0 (1-62-976753168-976773168)...
Done!
Physical Sector Size: 0
Drive: 1, DevicePointer: 0xffffffff88e49030, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\disk\
--------- Disk Stack ------
DevicePointer: 0xffffffff88e45d18, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xffffffff88e49030, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\disk\
DevicePointer: 0xffffffff88e41030, DeviceName: \Device\0000006f\, DriverName: \Driver\USBSTOR\
------------ End ----------
Physical Sector Size: 0
Drive: 2, DevicePointer: 0xffffffff88e45030, DeviceName: \Device\Harddisk2\DR2\, DriverName: \Driver\disk\
--------- Disk Stack ------
DevicePointer: 0xffffffff88e456e8, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xffffffff88e45030, DeviceName: \Device\Harddisk2\DR2\, DriverName: \Driver\disk\
DevicePointer: 0xffffffff88e499a0, DeviceName: \Device\00000070\, DriverName: \Driver\USBSTOR\
------------ End ----------
Physical Sector Size: 0
Drive: 3, DevicePointer: 0xffffffff88e44030, DeviceName: \Device\Harddisk3\DR3\, DriverName: \Driver\disk\
--------- Disk Stack ------
DevicePointer: 0xffffffff88e27400, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xffffffff88e44030, DeviceName: \Device\Harddisk3\DR3\, DriverName: \Driver\disk\
DevicePointer: 0xffffffff88e41568, DeviceName: \Device\00000071\, DriverName: \Driver\USBSTOR\
------------ End ----------
Physical Sector Size: 0
Drive: 4, DevicePointer: 0xffffffff88e44ac8, DeviceName: \Device\Harddisk4\DR4\, DriverName: \Driver\disk\
--------- Disk Stack ------
DevicePointer: 0xffffffff88e45a10, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xffffffff88e44ac8, DeviceName: \Device\Harddisk4\DR4\, DriverName: \Driver\disk\
DevicePointer: 0xffffffff88e49628, DeviceName: \Device\00000072\, DriverName: \Driver\USBSTOR\
------------ End ----------
Scan Interrupted
Scan Interrupted
Scan was aborted.
=======================================


Removal queue found; removal started
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-I.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\VBR-0-0-63-I.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-r.mbam...
Removal finished
---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.07.0.1009

(c) Malwarebytes Corporation 2011-2012

OS version: 6.0.6002 Windows Vista Service Pack 2 x86

Account is Administrative

Internet Explorer version: 9.0.8112.16421

Java version: 1.6.0_21

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED
CPU speed: 2.511000 GHz
Memory total: 3084664832, free: 1646845952

=======================================
Initializing...
------------ Kernel report ------------
02/04/2014 20:16:38
------------ Loaded modules -----------
\SystemRoot\system32\ntkrnlpa.exe
\SystemRoot\system32\hal.dll
\SystemRoot\system32\kdcom.dll
\SystemRoot\system32\PSHED.dll
\SystemRoot\system32\BOOTVID.dll
\SystemRoot\system32\CLFS.SYS
\SystemRoot\system32\CI.dll
\SystemRoot\system32\drivers\CLASSPNP.SYS
\SystemRoot\System32\drivers\imofugc.sys
\SystemRoot\system32\drivers\Wdf01000.sys
\SystemRoot\system32\drivers\WDFLDR.SYS
\SystemRoot\system32\drivers\acpi.sys
\SystemRoot\system32\drivers\WMILIB.SYS
\SystemRoot\system32\drivers\msisadrv.sys
\SystemRoot\system32\drivers\pci.sys
\SystemRoot\System32\drivers\partmgr.sys
\SystemRoot\system32\drivers\volmgr.sys
\SystemRoot\System32\drivers\volmgrx.sys
\SystemRoot\System32\drivers\mountmgr.sys
\SystemRoot\system32\drivers\nvraid.sys
\SystemRoot\system32\drivers\nvstor32.sys
\SystemRoot\system32\drivers\storport.sys
\SystemRoot\system32\drivers\fltmgr.sys
\SystemRoot\system32\drivers\fileinfo.sys
\SystemRoot\system32\DRIVERS\MpFilter.sys
\SystemRoot\system32\drivers\NIS\1008000.029\SYMEFA.SYS
\SystemRoot\System32\Drivers\PxHelp20.sys
\SystemRoot\System32\Drivers\ksecdd.sys
\SystemRoot\system32\drivers\ndis.sys
\SystemRoot\system32\drivers\msrpc.sys
\SystemRoot\system32\drivers\NETIO.SYS
\SystemRoot\System32\drivers\tcpip.sys
\SystemRoot\System32\drivers\fwpkclnt.sys
\SystemRoot\System32\Drivers\Ntfs.sys
\SystemRoot\system32\drivers\volsnap.sys
\SystemRoot\System32\Drivers\spldr.sys
\SystemRoot\System32\Drivers\mup.sys
\SystemRoot\System32\drivers\ecache.sys
\SystemRoot\system32\drivers\disk.sys
\SystemRoot\system32\drivers\crcdisk.sys
\SystemRoot\system32\DRIVERS\tunnel.sys
\SystemRoot\system32\DRIVERS\tunmp.sys
\SystemRoot\system32\DRIVERS\amdk8.sys
\SystemRoot\system32\DRIVERS\i8042prt.sys
\SystemRoot\system32\DRIVERS\mouclass.sys
\SystemRoot\system32\DRIVERS\PS2.sys
\SystemRoot\system32\DRIVERS\kbdclass.sys
\SystemRoot\system32\DRIVERS\usbohci.sys
\SystemRoot\system32\DRIVERS\USBPORT.SYS
\SystemRoot\system32\DRIVERS\usbehci.sys
\SystemRoot\system32\DRIVERS\HDAudBus.sys
\SystemRoot\system32\DRIVERS\nvmfdx32.sys
\SystemRoot\system32\DRIVERS\cdrom.sys
\SystemRoot\system32\DRIVERS\GEARAspiWDM.sys
\SystemRoot\system32\DRIVERS\AGRSM.sys
\SystemRoot\system32\DRIVERS\USBD.SYS
\SystemRoot\system32\drivers\modem.sys
\SystemRoot\system32\DRIVERS\nvlddmkm.sys
\SystemRoot\system32\DRIVERS\nvBridge.kmd
\SystemRoot\System32\drivers\dxgkrnl.sys
\SystemRoot\System32\drivers\watchdog.sys
\SystemRoot\system32\DRIVERS\serscan.sys
\SystemRoot\system32\DRIVERS\msiscsi.sys
\SystemRoot\system32\DRIVERS\TDI.SYS
\SystemRoot\system32\DRIVERS\rasl2tp.sys
\SystemRoot\system32\DRIVERS\ndistapi.sys
\SystemRoot\system32\DRIVERS\ndiswan.sys
\SystemRoot\system32\DRIVERS\raspppoe.sys
\SystemRoot\system32\DRIVERS\raspptp.sys
\SystemRoot\system32\DRIVERS\rassstp.sys
\SystemRoot\system32\DRIVERS\termdd.sys
\SystemRoot\system32\DRIVERS\swenum.sys
\SystemRoot\system32\DRIVERS\ks.sys
\SystemRoot\system32\DRIVERS\mssmbios.sys
\SystemRoot\system32\DRIVERS\umbus.sys
\SystemRoot\system32\DRIVERS\usbhub.sys
\SystemRoot\System32\Drivers\NDProxy.SYS
\SystemRoot\system32\drivers\RTKVHDA.sys
\SystemRoot\system32\drivers\portcls.sys
\SystemRoot\system32\drivers\drmk.sys
\SystemRoot\System32\Drivers\Fs_Rec.SYS
\SystemRoot\System32\Drivers\Null.SYS
\SystemRoot\System32\Drivers\Beep.SYS
\??\C:\Windows\system32\drivers\avgtpx86.sys
\SystemRoot\System32\drivers\vga.sys
\SystemRoot\System32\drivers\VIDEOPRT.SYS
\SystemRoot\System32\DRIVERS\RDPCDD.sys
\SystemRoot\system32\drivers\rdpencdd.sys
\SystemRoot\System32\Drivers\Msfs.SYS
\SystemRoot\System32\Drivers\Npfs.SYS
\SystemRoot\System32\DRIVERS\rasacd.sys
\SystemRoot\system32\DRIVERS\tdx.sys
\SystemRoot\System32\Drivers\NIS\1008000.029\SYMTDI.SYS
\??\C:\Windows\system32\Drivers\SYMEVENT.SYS
\SystemRoot\System32\Drivers\NIS\1008000.029\SYMNDISV.SYS
\SystemRoot\System32\Drivers\NIS\1008000.029\SYMFW.SYS
\SystemRoot\system32\DRIVERS\smb.sys
\SystemRoot\system32\drivers\afd.sys
\SystemRoot\System32\DRIVERS\netbt.sys
\SystemRoot\system32\DRIVERS\pacer.sys
\SystemRoot\system32\DRIVERS\SymIMv.sys
\SystemRoot\system32\DRIVERS\netbios.sys
\SystemRoot\system32\DRIVERS\wanarp.sys
\SystemRoot\system32\drivers\NIS\1008000.029\SRTSPX.SYS
\SystemRoot\system32\DRIVERS\rdbss.sys
\SystemRoot\system32\drivers\nsiproxy.sys
\??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\ipsdefs\20100312.001\IDSvix86.sys
\SystemRoot\System32\Drivers\dfsc.sys
\SystemRoot\System32\Drivers\NIS\1008000.029\ccHPx86.sys
\SystemRoot\System32\Drivers\NIS\1008000.029\BHDrvx86.sys
\SystemRoot\system32\DRIVERS\udfs.sys
\SystemRoot\system32\DRIVERS\USBSTOR.SYS
\SystemRoot\System32\Drivers\crashdmp.sys
\SystemRoot\System32\Drivers\dump_diskdump.sys
\SystemRoot\System32\Drivers\dump_nvstor32.sys
\SystemRoot\System32\win32k.sys
\SystemRoot\System32\drivers\Dxapi.sys
\SystemRoot\system32\DRIVERS\monitor.sys
\SystemRoot\System32\TSDDD.dll
\SystemRoot\system32\drivers\luafv.sys
\SystemRoot\system32\drivers\WudfPf.sys
\SystemRoot\system32\drivers\spsys.sys
\SystemRoot\system32\DRIVERS\lltdio.sys
\SystemRoot\system32\DRIVERS\rspndr.sys
\SystemRoot\system32\drivers\HTTP.sys
\SystemRoot\System32\DRIVERS\srvnet.sys
\SystemRoot\system32\DRIVERS\bowser.sys
\SystemRoot\System32\drivers\mpsdrv.sys
\SystemRoot\system32\drivers\mrxdav.sys
\SystemRoot\system32\DRIVERS\mrxsmb.sys
\SystemRoot\system32\DRIVERS\mrxsmb10.sys
\SystemRoot\system32\DRIVERS\mrxsmb20.sys
\SystemRoot\System32\DRIVERS\srv2.sys
\SystemRoot\System32\DRIVERS\srv.sys
\SystemRoot\system32\drivers\peauth.sys
\SystemRoot\System32\Drivers\secdrv.SYS
\SystemRoot\System32\drivers\tcpipreg.sys
\??\C:\Program Files\Hewlett-Packard\Media\DVD\000.fcl
\SystemRoot\system32\DRIVERS\WUDFRd.sys
\SystemRoot\System32\cdd.dll
\??\C:\Windows\system32\drivers\mbamchameleon.sys
\??\C:\Windows\system32\drivers\MBAMSwissArmy.sys
\Windows\System32\ntdll.dll
----------- End -----------
Done!
<<<1>>>
Upper Device Name: \Device\Harddisk4\DR4
Upper Device Object: 0xffffffff88e44ac8
Upper Device Driver Name: \Driver\disk\
Lower Device Name: \Device\00000072\
Lower Device Object: 0xffffffff88e49628
Lower Device Driver Name: \Driver\USBSTOR\
<<<1>>>
Upper Device Name: \Device\Harddisk3\DR3
Upper Device Object: 0xffffffff88e44030
Upper Device Driver Name: \Driver\disk\
Lower Device Name: \Device\00000071\
Lower Device Object: 0xffffffff88e41568
Lower Device Driver Name: \Driver\USBSTOR\
<<<1>>>
Upper Device Name: \Device\Harddisk2\DR2
Upper Device Object: 0xffffffff88e45030
Upper Device Driver Name: \Driver\disk\
Lower Device Name: \Device\00000070\
Lower Device Object: 0xffffffff88e499a0
Lower Device Driver Name: \Driver\USBSTOR\
<<<1>>>
Upper Device Name: \Device\Harddisk1\DR1
Upper Device Object: 0xffffffff88e49030
Upper Device Driver Name: \Driver\disk\
Lower Device Name: \Device\0000006f\
Lower Device Object: 0xffffffff88e41030
Lower Device Driver Name: \Driver\USBSTOR\
<<<1>>>
Upper Device Name: \Device\Harddisk0\DR0
Upper Device Object: 0xffffffff86bde8e0
Upper Device Driver Name: \Driver\disk\
Lower Device Name: \Device\00000064\
Lower Device Object: 0xffffffff86045030
Lower Device Driver Name: \Driver\nvstor32\
<<<2>>>
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xffffffff86bde8e0, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\
--------- Disk Stack ------
DevicePointer: 0xffffffff86bde5c8, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xffffffff86bde8e0, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\
DevicePointer: 0xffffffff860454a8, DeviceName: Unknown, DriverName: \Driver\ACPI\
DevicePointer: 0xffffffff86045030, DeviceName: \Device\00000064\, DriverName: \Driver\nvstor32\
------------ End ----------
Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
The directory C:\WINDOWS\SYSTEM32\drivers seems inaccessible or encrypted.
Drivers scan is aborted.
Done!
Drive 0
Scanning MBR on drive 0...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: 1549F232

Partition information:

Partition 0 type is Primary (0x7)
Partition is ACTIVE.
Partition starts at LBA: 63 Numsec = 953120322
Partition file system is NTFS
Partition is bootable

Partition 1 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0

Partition 2 type is Primary (0x7)
Partition is NOT ACTIVE.
Partition starts at LBA: 953120385 Numsec = 23647680

Partition 3 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0

Disk Size: 500107862016 bytes
Sector size: 512 bytes

Scanning physical sectors of unpartitioned space on drive 0 (1-62-976753168-976773168)...
Done!
Physical Sector Size: 0
Drive: 1, DevicePointer: 0xffffffff88e49030, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\disk\
--------- Disk Stack ------
DevicePointer: 0xffffffff88e45d18, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xffffffff88e49030, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\disk\
DevicePointer: 0xffffffff88e41030, DeviceName: \Device\0000006f\, DriverName: \Driver\USBSTOR\
------------ End ----------
Physical Sector Size: 0
Drive: 2, DevicePointer: 0xffffffff88e45030, DeviceName: \Device\Harddisk2\DR2\, DriverName: \Driver\disk\
--------- Disk Stack ------
DevicePointer: 0xffffffff88e456e8, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xffffffff88e45030, DeviceName: \Device\Harddisk2\DR2\, DriverName: \Driver\disk\
DevicePointer: 0xffffffff88e499a0, DeviceName: \Device\00000070\, DriverName: \Driver\USBSTOR\
------------ End ----------
Physical Sector Size: 0
Drive: 3, DevicePointer: 0xffffffff88e44030, DeviceName: \Device\Harddisk3\DR3\, DriverName: \Driver\disk\
--------- Disk Stack ------
DevicePointer: 0xffffffff88e27400, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xffffffff88e44030, DeviceName: \Device\Harddisk3\DR3\, DriverName: \Driver\disk\
DevicePointer: 0xffffffff88e41568, DeviceName: \Device\00000071\, DriverName: \Driver\USBSTOR\
------------ End ----------
Physical Sector Size: 0
Drive: 4, DevicePointer: 0xffffffff88e44ac8, DeviceName: \Device\Harddisk4\DR4\, DriverName: \Driver\disk\
--------- Disk Stack ------
DevicePointer: 0xffffffff88e45a10, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xffffffff88e44ac8, DeviceName: \Device\Harddisk4\DR4\, DriverName: \Driver\disk\
DevicePointer: 0xffffffff88e49628, DeviceName: \Device\00000072\, DriverName: \Driver\USBSTOR\
------------ End ----------

 

[Broni]

Please download ComboFix from Here, Here or Here to your Desktop.

**Note: In the event you already have Combofix, this is a new version that I need you to download. It is important that it is saved directly to your desktop**

• Never rename Combofix unless instructed.
• Close any open browsers.
• Very Important! Temporarily disable your anti-virus and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".
• Click on this link to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.
• Close any open browsers.
• WARNING: Combofix will disconnect your machine from the Internet as soon as it starts
• Please do not attempt to re-connect your machine back to the Internet until Combofix has completely finished.
• If there is no internet connection after running Combofix, then restart your computer to restore back your connection.
  If the connection is not there use restore point you created prior to running Combofix.
• Double click on combofix.exe & follow the prompts.

• 
  NOTE1. If Combofix asks you to install Recovery Console, please allow it.
  NOTE 2. If Combofix asks you to update the program, always do so.

• When finished, it will produce a report for you.
• Please post the "C:\ComboFix.txt"

**Note 1: Do not mouseclick combofix's window while it's running. That may cause it to stall
**Note 2 for AVG and CA Internet Security (Total Defense Internet Security) users: ComboFix will not run until AVG/CA Internet Security is uninstalled as a protective measure against the anti-virus. This is because AVG/CA Internet Security "falsely" detects ComboFix (or its embedded files) as a threat and may remove them resulting in the tool not working correctly which in turn can cause "unpredictable results". Since AVG/CA Internet Security cannot be effectively disabled before running ComboFix, the author recommends you to uninstall AVG/CA Internet Security first.
Use AppRemover to uninstall it: https://www.techspot.com/downloads/5514-appremover.html
We can reinstall it when we're done with CF.
**Note 3: If you receive an error Illegal operation attempted on a registery key that has been marked for deletion, restart computer to fix the issue.
**Note 4: Some infections may take some significant time to be cured. As long as your computer clock is running Combofix is still working. Be patient.


Make sure, you re-enable your security programs, when you're done with Combofix.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

NOTE.
If, for some reason, Combofix refuses to run, try the following...

Delete Combofix file, download fresh one, but rename combofix.exe to your_name.exe BEFORE saving it to your desktop.
Do NOT run it yet.
Download Rkill (courtesy of BleepingComputer.com) to your desktop.
There are 2 different versions. If one of them won't run then download and try to run the other one.
You only need to get one of these to run, not all of them. You may get warnings from your antivirus about this tool, ignore them or shutdown your antivirus.

rKill.exe: http://www.bleepingcomputer.com/download/rkill/dl/10/
iExplore.exe (renamed rKill.exe): http://www.bleepingcomputer.com/download/rkill/dl/11/

Restart computer in safe mode

• Double-click on the Rkill desktop icon to run the tool.
• If using Vista or Windows 7 right-click on it and choose Run As Administrator.
• A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
• If not, delete the file, then download and use the one provided in Link 2.
• Do not reboot until instructed.
• If the tool does not run from any of the links provided, please let me know.

When the scan is done Notepad will open with rKill.txt log.
NOTE. rKill.txt log will also be present on your desktop.

Once you've gotten one of them to run, immediately run your_name.exe by double clicking on it.

IF you had to run rKill post BOTH logs, rKill.txt and Combofix.txt.

 

[caila]

ComboFix 14-02-03.01 - Caila 02/04/2014 20:54:09.1.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.2942.1778 [GMT -6:00]
Running from: c:\users\Caila.Home-PC\Downloads\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
AV: Norton Internet Security *Disabled/Updated* {88C95A36-8C3B-2F2C-1B8B-30FCCFDC4855}
FW: Norton Internet Security *Disabled* {B0F2DB13-C654-2E74-30D4-99C9310F0F2E}
SP: Microsoft Security Essentials *Disabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
SP: Norton Internet Security *Disabled/Updated* {33A8BBD2-AA01-20A2-213B-0B8EB45B02E8}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\END
c:\program files\kikin
c:\program files\kikin\default_settings.xml
c:\program files\kikin\file_list.txt
c:\program files\kikin\ie_kikin.dll
c:\program files\kikin\KikinBroker.exe
c:\program files\kikin\KikinCrashReporter.exe
c:\program files\kikin\uninst.exe
c:\program files\MyWebSearch
c:\program files\MyWebSearch\bar\1.bin\chrome\M3FFXTBR.JAR
c:\program files\MyWebSearch\bar\2.bin\CHROME.MANIFEST
c:\program files\MyWebSearch\bar\2.bin\chrome\M3FFXTBR.JAR
c:\program files\MyWebSearch\bar\2.bin\F3BKGERR.JPG
c:\program files\MyWebSearch\bar\2.bin\F3CJpeg.dll
c:\program files\MyWebSearch\bar\2.bin\F3DTactl.dll
c:\program files\MyWebSearch\bar\2.bin\F3HISTSW.DLL
c:\program files\MyWebSearch\bar\2.bin\F3HKSTUB.DLL
c:\program files\MyWebSearch\bar\2.bin\F3HTmlmu.dll
c:\program files\MyWebSearch\bar\2.bin\F3HTTPCT.DLL
c:\program files\MyWebSearch\bar\2.bin\F3IMSTUB.DLL
c:\program files\MyWebSearch\bar\2.bin\F3POPSWT.DLL
c:\program files\MyWebSearch\bar\2.bin\F3PSSAVR.SCR
c:\program files\MyWebSearch\bar\2.bin\F3REGHK.DLL
c:\program files\MyWebSearch\bar\2.bin\F3REPROX.DLL
c:\program files\MyWebSearch\bar\2.bin\F3RESTUB.DLL
c:\program files\MyWebSearch\bar\2.bin\F3SCHMON.EXE
c:\program files\MyWebSearch\bar\2.bin\F3SCRCTR.DLL
c:\program files\MyWebSearch\bar\2.bin\F3SPACER.WMV
c:\program files\MyWebSearch\bar\2.bin\F3WALLPP.DAT
c:\program files\MyWebSearch\bar\2.bin\F3WPHOOK.DLL
c:\program files\MyWebSearch\bar\2.bin\FWPBUDDY.PNG
c:\program files\MyWebSearch\bar\2.bin\INSTALL.RDF
c:\program files\MyWebSearch\bar\2.bin\M3AUXSTB.DLL
c:\program files\MyWebSearch\bar\2.bin\M3DLGHK.DLL
c:\program files\MyWebSearch\bar\2.bin\M3HIGHIN.EXE
c:\program files\MyWebSearch\bar\2.bin\M3HTML.DLL
c:\program files\MyWebSearch\bar\2.bin\M3IDLE.DLL
c:\program files\MyWebSearch\bar\2.bin\M3IMPIPE.EXE
c:\program files\MyWebSearch\bar\2.bin\M3MEDINT.EXE
c:\program files\MyWebSearch\bar\2.bin\M3MSg.dll
c:\program files\MyWebSearch\bar\2.bin\M3OUTLCN.DLL
c:\program files\MyWebSearch\bar\2.bin\M3PLUGIN.DLL
c:\program files\MyWebSearch\bar\2.bin\M3SKIN.DLL
c:\program files\MyWebSearch\bar\2.bin\M3SKPLAY.EXE
c:\program files\MyWebSearch\bar\2.bin\M3SLSRCH.EXE
c:\program files\MyWebSearch\bar\2.bin\MWSMLBTN.DLL
c:\program files\MyWebSearch\bar\2.bin\MWSOEMON.EXE
c:\program files\MyWebSearch\bar\2.bin\MWSOEPLG.DLL
c:\program files\MyWebSearch\bar\2.bin\MWSOESTB.DLL
c:\program files\MyWebSearch\bar\2.bin\MWSSVC.EXE
c:\program files\MyWebSearch\bar\2.bin\MWSUABTN.DLL
c:\program files\MyWebSearch\bar\2.bin\NPMYWEBS.DLL
c:\program files\MyWebSearch\bar\Avatar\COMMON.F3S
c:\program files\MyWebSearch\bar\Cache\003A3997
c:\program files\MyWebSearch\bar\Cache\003A3D5E
c:\program files\MyWebSearch\bar\Cache\003A3DFA.bin
c:\program files\MyWebSearch\bar\Cache\003A3EF4.bin
c:\program files\MyWebSearch\bar\Cache\003A3F90.bin
c:\program files\MyWebSearch\bar\Cache\003A402C.bin
c:\program files\MyWebSearch\bar\Cache\files.ini
c:\program files\MyWebSearch\bar\Game\CHECKERS.F3S
c:\program files\MyWebSearch\bar\Game\CHESS.F3S
c:\program files\MyWebSearch\bar\Game\REVERSI.F3S
c:\program files\MyWebSearch\bar\History\search3
c:\program files\MyWebSearch\bar\Message\COMMON.F3S
c:\program files\MyWebSearch\bar\Notifier\COMMON.F3S
c:\program files\MyWebSearch\bar\Notifier\DOG.F3S
c:\program files\MyWebSearch\bar\Notifier\FISH.F3S
c:\program files\MyWebSearch\bar\Notifier\KUNGFU.F3S
c:\program files\MyWebSearch\bar\Notifier\LIFEGARD.F3S
c:\program files\MyWebSearch\bar\Notifier\MAID.F3S
c:\program files\MyWebSearch\bar\Notifier\MAILBOX.F3S
c:\program files\MyWebSearch\bar\Notifier\OPERA.F3S
c:\program files\MyWebSearch\bar\Notifier\ROBOT.F3S
c:\program files\MyWebSearch\bar\Notifier\SEDUCT.F3S
c:\program files\MyWebSearch\bar\Notifier\SURFER.F3S
c:\program files\MyWebSearch\bar\Settings\prevcfg2.htm
c:\program files\MyWebSearch\bar\Settings\s_pid.dat
c:\program files\RetrogamerEI
c:\program files\RetrogamerEI\Installr\1.bin\k7EIPlug.dll
c:\program files\RetrogamerEI\Installr\1.bin\k7EZSETP.dll
c:\program files\RetrogamerEI\Installr\1.bin\NPk7EISb.dll
c:\program files\Search Toolbar
c:\program files\Search Toolbar\SearchToolbarUninstall.exe
c:\program files\Search Toolbar\SearchToolbarUpdater.exe
c:\program files\SelectRebates
c:\program files\SelectRebates\FFToolbar\chrome.manifest
c:\program files\SelectRebates\FFToolbar\chrome\sahtoolbar.jar
c:\program files\SelectRebates\FFToolbar\defaults\preferences\sahtoolbar.js
c:\program files\SelectRebates\FFToolbar\install.rdf
c:\program files\SelectRebates\SahImages\alert.png
c:\program files\SelectRebates\SahImages\check.png
c:\program files\SelectRebates\SahImages\close.png
c:\program files\SelectRebates\SelectAlerts.dat
c:\program files\SelectRebates\SelectRebates.exe
c:\program files\SelectRebates\SelectRebates.ini
c:\program files\SelectRebates\SelectRebatesA.dat
c:\program files\SelectRebates\SelectRebatesApi.exe
c:\program files\SelectRebates\SelectRebatesB.dat
c:\program files\SelectRebates\SelectRebatesBT.dat
c:\program files\SelectRebates\SelectRebatesDownload.exe
c:\program files\SelectRebates\SelectRebatesH.dat
c:\program files\SelectRebates\SelectRebatesUninstall.exe
c:\program files\SelectRebates\SRebates.dll
c:\program files\SelectRebates\SRFF3.dll
c:\program files\SelectRebates\Toolbar\AddtoList.bmp
c:\program files\SelectRebates\Toolbar\basis.xml
c:\program files\SelectRebates\Toolbar\Basis.xml.dym
c:\program files\SelectRebates\Toolbar\Blank.bmp
c:\program files\SelectRebates\Toolbar\CashBack.bmp
c:\program files\SelectRebates\Toolbar\Coupons.bmp
c:\program files\SelectRebates\Toolbar\GroceryCoupon.bmp
c:\program files\SelectRebates\Toolbar\i_magnifying.bmp
c:\program files\SelectRebates\Toolbar\icons.bmp
c:\program files\SelectRebates\Toolbar\logo.bmp
c:\program files\SelectRebates\Toolbar\logo_24.bmp
c:\program files\SelectRebates\Toolbar\logo_HotSpots.bmp
c:\program files\SelectRebates\Toolbar\ReviewSite.bmp
c:\program files\SelectRebates\Toolbar\RightControls.dym
c:\program files\SelectRebates\Toolbar\Scissors.bmp
c:\program files\SelectRebates\Toolbar\ShopAtHomeToolbar.dll
c:\program files\TelevisionFanatic
c:\program files\TelevisionFanatic\bar\1.bin\64auxstb.dll
c:\program files\TelevisionFanatic\bar\1.bin\64bar.dll
c:\program files\TelevisionFanatic\bar\1.bin\64barsvc.exe
c:\program files\TelevisionFanatic\bar\1.bin\64bprtct.dll
c:\program files\TelevisionFanatic\bar\1.bin\64brstub.dll
c:\program files\TelevisionFanatic\bar\1.bin\64datact.dll
c:\program files\TelevisionFanatic\bar\1.bin\64dlghk.dll
c:\program files\TelevisionFanatic\bar\1.bin\64dyn.dll
c:\program files\TelevisionFanatic\bar\1.bin\64feedmg.dll
c:\program files\TelevisionFanatic\bar\1.bin\64highin.exe
c:\program files\TelevisionFanatic\bar\1.bin\64hkstub.dll
c:\program files\TelevisionFanatic\bar\1.bin\64htmlmu.dll
c:\program files\TelevisionFanatic\bar\1.bin\64httpct.dll
c:\program files\TelevisionFanatic\bar\1.bin\64idle.dll
c:\program files\TelevisionFanatic\bar\1.bin\64ieovr.dll
c:\program files\TelevisionFanatic\bar\1.bin\64impipe.exe
c:\program files\TelevisionFanatic\bar\1.bin\64medint.exe
c:\program files\TelevisionFanatic\bar\1.bin\64mlbtn.dll
c:\program files\TelevisionFanatic\bar\1.bin\64msg.dll
c:\program files\TelevisionFanatic\bar\1.bin\64Plugin.dll
c:\program files\TelevisionFanatic\bar\1.bin\64radio.dll
c:\program files\TelevisionFanatic\bar\1.bin\64regfft.dll
c:\program files\TelevisionFanatic\bar\1.bin\64reghk.dll
c:\program files\TelevisionFanatic\bar\1.bin\64regiet.dll
c:\program files\TelevisionFanatic\bar\1.bin\64script.dll
c:\program files\TelevisionFanatic\bar\1.bin\64skin.dll
c:\program files\TelevisionFanatic\bar\1.bin\64sknlcr.dll
c:\program files\TelevisionFanatic\bar\1.bin\64skplay.exe
c:\program files\TelevisionFanatic\bar\1.bin\64SrcAs.dll
c:\program files\TelevisionFanatic\bar\1.bin\64tpinst.dll
c:\program files\TelevisionFanatic\bar\1.bin\64uabtn.dll
c:\program files\TelevisionFanatic\bar\1.bin\AppIntegrator64.exe
c:\program files\TelevisionFanatic\bar\1.bin\AppIntegratorStub64.dll
c:\program files\TelevisionFanatic\bar\1.bin\BOOTSTRAP.JS
c:\program files\TelevisionFanatic\bar\1.bin\CHROME.MANIFEST
c:\program files\TelevisionFanatic\bar\1.bin\chrome\64ffxtbr.jar
c:\program files\TelevisionFanatic\bar\1.bin\CREXT.DLL
c:\program files\TelevisionFanatic\bar\1.bin\CrExtP64.exe
c:\program files\TelevisionFanatic\bar\1.bin\Hpg64.dll
c:\program files\TelevisionFanatic\bar\1.bin\INSTALL.RDF
c:\program files\TelevisionFanatic\bar\1.bin\installKeys.js
c:\program files\TelevisionFanatic\bar\1.bin\LOGO.BMP
c:\program files\TelevisionFanatic\bar\1.bin\NP64Stub.dll
c:\program files\TelevisionFanatic\bar\1.bin\T8EXTEX.DLL
c:\program files\TelevisionFanatic\bar\1.bin\T8EXTPEX.DLL
c:\program files\TelevisionFanatic\bar\1.bin\T8HTML.DLL
c:\program files\TelevisionFanatic\bar\1.bin\T8RES.DLL
c:\program files\TelevisionFanatic\bar\1.bin\T8TICKER.DLL
c:\program files\TelevisionFanatic\bar\gen1\COMMON.T8S
c:\program files\TelevisionFanatic\bar\IE9Mesg\COMMON.T8S
c:\program files\TelevisionFanatic\bar\Message\COMMON.T8S
c:\program files\TelevisionFanatic\bar\Settings\s_pid.dat
c:\program files\UNWISE.EXE
c:\programdata\Microsoft\Windows\DRM\8B1.tmp
c:\users\Caila.Home-PC\AppData\Roaming\kikin
c:\users\Caila.Home-PC\AppData\Roaming\kikin\ff_kkes.xml
c:\users\Caila.Home-PC\AppData\Roaming\kikin\ie_configuration.xml
c:\users\Caila.Home-PC\AppData\Roaming\kikin\ie_kkes.xml
c:\users\Caila.Home-PC\AppData\Roaming\kikin\ie_settings.xml
c:\users\Caila.Home-PC\AppData\Roaming\Mozilla\Firefox\Profiles\y7ng6mir.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com
c:\users\Caila.Home-PC\AppData\Roaming\Mozilla\Firefox\Profiles\y7ng6mir.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\chrome.manifest
c:\users\Caila.Home-PC\AppData\Roaming\Mozilla\Firefox\Profiles\y7ng6mir.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\chrome\content\api.js
c:\users\Caila.Home-PC\AppData\Roaming\Mozilla\Firefox\Profiles\y7ng6mir.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\chrome\content\api\asyncDB.js
c:\users\Caila.Home-PC\AppData\Roaming\Mozilla\Firefox\Profiles\y7ng6mir.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\chrome\content\api\background.js
c:\users\Caila.Home-PC\AppData\Roaming\Mozilla\Firefox\Profiles\y7ng6mir.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\chrome\content\api\browserAction.js
c:\users\Caila.Home-PC\AppData\Roaming\Mozilla\Firefox\Profiles\y7ng6mir.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\chrome\content\api\contextMenu.js
c:\users\Caila.Home-PC\AppData\Roaming\Mozilla\Firefox\Profiles\y7ng6mir.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\chrome\content\api\dbManager.js
c:\users\Caila.Home-PC\AppData\Roaming\Mozilla\Firefox\Profiles\y7ng6mir.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\chrome\content\api\dom_bg.js
c:\users\Caila.Home-PC\AppData\Roaming\Mozilla\Firefox\Profiles\y7ng6mir.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\chrome\content\api\fileManager.js
c:\users\Caila.Home-PC\AppData\Roaming\Mozilla\Firefox\Profiles\y7ng6mir.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\chrome\content\api\firefox.js
c:\users\Caila.Home-PC\AppData\Roaming\Mozilla\Firefox\Profiles\y7ng6mir.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\chrome\content\api\firefoxNotifications.js
c:\users\Caila.Home-PC\AppData\Roaming\Mozilla\Firefox\Profiles\y7ng6mir.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\chrome\content\api\firefoxOmnibox.js
c:\users\Caila.Home-PC\AppData\Roaming\Mozilla\Firefox\Profiles\y7ng6mir.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\chrome\content\api\message.js
c:\users\Caila.Home-PC\AppData\Roaming\Mozilla\Firefox\Profiles\y7ng6mir.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\chrome\content\api\pageAction.js
c:\users\Caila.Home-PC\AppData\Roaming\Mozilla\Firefox\Profiles\y7ng6mir.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\chrome\content\api\request.js
c:\users\Caila.Home-PC\AppData\Roaming\Mozilla\Firefox\Profiles\y7ng6mir.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\chrome\content\api\tabs.js
c:\users\Caila.Home-PC\AppData\Roaming\Mozilla\Firefox\Profiles\y7ng6mir.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\chrome\content\api\webRequest.js
c:\users\Caila.Home-PC\AppData\Roaming\Mozilla\Firefox\Profiles\y7ng6mir.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\chrome\content\api\windowsMessagingHandler.js
c:\users\Caila.Home-PC\AppData\Roaming\Mozilla\Firefox\Profiles\y7ng6mir.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\chrome\content\background.html
c:\users\Caila.Home-PC\AppData\Roaming\Mozilla\Firefox\Profiles\y7ng6mir.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\chrome\content\baseObject.js
c:\users\Caila.Home-PC\AppData\Roaming\Mozilla\Firefox\Profiles\y7ng6mir.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\chrome\content\browser.xul
c:\users\Caila.Home-PC\AppData\Roaming\Mozilla\Firefox\Profiles\y7ng6mir.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\chrome\content\core\addressBarChangeObserver.js
c:\users\Caila.Home-PC\AppData\Roaming\Mozilla\Firefox\Profiles\y7ng6mir.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\chrome\content\core\console.js
c:\users\Caila.Home-PC\AppData\Roaming\Mozilla\Firefox\Profiles\y7ng6mir.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\chrome\content\core\consts.js
c:\users\Caila.Home-PC\AppData\Roaming\Mozilla\Firefox\Profiles\y7ng6mir.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\chrome\content\core\delegate.js
c:\users\Caila.Home-PC\AppData\Roaming\Mozilla\Firefox\Profiles\y7ng6mir.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\chrome\content\core\extensionDataStore.js
c:\users\Caila.Home-PC\AppData\Roaming\Mozilla\Firefox\Profiles\y7ng6mir.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\chrome\content\core\folderIOWrapper.js
c:\users\Caila.Home-PC\AppData\Roaming\Mozilla\Firefox\Profiles\y7ng6mir.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\chrome\content\core\httpObserver.js
c:\users\Caila.Home-PC\AppData\Roaming\Mozilla\Firefox\Profiles\y7ng6mir.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\chrome\content\core\IDBWrapper.js
c:\users\Caila.Home-PC\AppData\Roaming\Mozilla\Firefox\Profiles\y7ng6mir.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\chrome\content\core\installer.js
c:\users\Caila.Home-PC\AppData\Roaming\Mozilla\Firefox\Profiles\y7ng6mir.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\chrome\content\core\logFile.js
c:\users\Caila.Home-PC\AppData\Roaming\Mozilla\Firefox\Profiles\y7ng6mir.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\chrome\content\core\prefs.js
c:\users\Caila.Home-PC\AppData\Roaming\Mozilla\Firefox\Profiles\y7ng6mir.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\chrome\content\core\progressListenerObserver.js
c:\users\Caila.Home-PC\AppData\Roaming\Mozilla\Firefox\Profiles\y7ng6mir.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\chrome\content\core\registry.js
c:\users\Caila.Home-PC\AppData\Roaming\Mozilla\Firefox\Profiles\y7ng6mir.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\chrome\content\core\reloadObserver.js
c:\users\Caila.Home-PC\AppData\Roaming\Mozilla\Firefox\Profiles\y7ng6mir.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\chrome\content\core\reports.js
c:\users\Caila.Home-PC\AppData\Roaming\Mozilla\Firefox\Profiles\y7ng6mir.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\chrome\content\core\requestObject.js
c:\users\Caila.Home-PC\AppData\Roaming\Mozilla\Firefox\Profiles\y7ng6mir.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\chrome\content\core\searchSettings.js
c:\users\Caila.Home-PC\AppData\Roaming\Mozilla\Firefox\Profiles\y7ng6mir.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\chrome\content\core\uninstallObserver.js

 

[caila]

c:\users\Caila.Home-PC\AppData\Roaming\Mozilla\Firefox\Profiles\y7ng6mir.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\chrome\content\core\updateManager.js
c:\users\Caila.Home-PC\AppData\Roaming\Mozilla\Firefox\Profiles\y7ng6mir.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\chrome\content\core\utils.js
c:\users\Caila.Home-PC\AppData\Roaming\Mozilla\Firefox\Profiles\y7ng6mir.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\chrome\content\core\xhr.js
c:\users\Caila.Home-PC\AppData\Roaming\Mozilla\Firefox\Profiles\y7ng6mir.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\chrome\content\dialog.js
c:\users\Caila.Home-PC\AppData\Roaming\Mozilla\Firefox\Profiles\y7ng6mir.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\chrome\content\main.js
c:\users\Caila.Home-PC\AppData\Roaming\Mozilla\Firefox\Profiles\y7ng6mir.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\chrome\content\options.js
c:\users\Caila.Home-PC\AppData\Roaming\Mozilla\Firefox\Profiles\y7ng6mir.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\chrome\content\options.xul
c:\users\Caila.Home-PC\AppData\Roaming\Mozilla\Firefox\Profiles\y7ng6mir.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\chrome\content\platformVersion.js
c:\users\Caila.Home-PC\AppData\Roaming\Mozilla\Firefox\Profiles\y7ng6mir.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\chrome\content\search_dialog.xul
c:\users\Caila.Home-PC\AppData\Roaming\Mozilla\Firefox\Profiles\y7ng6mir.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\defaults\preferences\prefs.js
c:\users\Caila.Home-PC\AppData\Roaming\Mozilla\Firefox\Profiles\y7ng6mir.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\extensionData\manifest.xml
c:\users\Caila.Home-PC\AppData\Roaming\Mozilla\Firefox\Profiles\y7ng6mir.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\extensionData\plugins.json
c:\users\Caila.Home-PC\AppData\Roaming\Mozilla\Firefox\Profiles\y7ng6mir.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\extensionData\plugins\1_base.js
c:\users\Caila.Home-PC\AppData\Roaming\Mozilla\Firefox\Profiles\y7ng6mir.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\extensionData\plugins\102_dealply_m.js
c:\users\Caila.Home-PC\AppData\Roaming\Mozilla\Firefox\Profiles\y7ng6mir.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\extensionData\plugins\103_intext_5_m.js
c:\users\Caila.Home-PC\AppData\Roaming\Mozilla\Firefox\Profiles\y7ng6mir.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\extensionData\plugins\104_jollywallet_m.js
c:\users\Caila.Home-PC\AppData\Roaming\Mozilla\Firefox\Profiles\y7ng6mir.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\extensionData\plugins\105_corticas_m.js
c:\users\Caila.Home-PC\AppData\Roaming\Mozilla\Firefox\Profiles\y7ng6mir.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\extensionData\plugins\126_revizer_ws_m.js
c:\users\Caila.Home-PC\AppData\Roaming\Mozilla\Firefox\Profiles\y7ng6mir.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\extensionData\plugins\127_revizer_p_m.js
c:\users\Caila.Home-PC\AppData\Roaming\Mozilla\Firefox\Profiles\y7ng6mir.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\extensionData\plugins\13_CrossriderAppUtils.js
c:\users\Caila.Home-PC\AppData\Roaming\Mozilla\Firefox\Profiles\y7ng6mir.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\extensionData\plugins\14_CrossriderUtils.js
c:\users\Caila.Home-PC\AppData\Roaming\Mozilla\Firefox\Profiles\y7ng6mir.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\extensionData\plugins\155_ibario_pops_m.js
c:\users\Caila.Home-PC\AppData\Roaming\Mozilla\Firefox\Profiles\y7ng6mir.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\extensionData\plugins\16_FFAppAPIWrapper.js
c:\users\Caila.Home-PC\AppData\Roaming\Mozilla\Firefox\Profiles\y7ng6mir.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\extensionData\plugins\17_jQuery.js
c:\users\Caila.Home-PC\AppData\Roaming\Mozilla\Firefox\Profiles\y7ng6mir.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\extensionData\plugins\177_crossriderDashboard.js
c:\users\Caila.Home-PC\AppData\Roaming\Mozilla\Firefox\Profiles\y7ng6mir.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\extensionData\plugins\182_openUrl.js
c:\users\Caila.Home-PC\AppData\Roaming\Mozilla\Firefox\Profiles\y7ng6mir.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\extensionData\plugins\183_tabsWrapper.js
c:\users\Caila.Home-PC\AppData\Roaming\Mozilla\Firefox\Profiles\y7ng6mir.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\extensionData\plugins\184_noproblemppc_m.js
c:\users\Caila.Home-PC\AppData\Roaming\Mozilla\Firefox\Profiles\y7ng6mir.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\extensionData\plugins\189_active_sanity.js
c:\users\Caila.Home-PC\AppData\Roaming\Mozilla\Firefox\Profiles\y7ng6mir.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\extensionData\plugins\191_ciuvo_m.js
c:\users\Caila.Home-PC\AppData\Roaming\Mozilla\Firefox\Profiles\y7ng6mir.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\extensionData\plugins\207_dbWrapper.js
c:\users\Caila.Home-PC\AppData\Roaming\Mozilla\Firefox\Profiles\y7ng6mir.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\extensionData\plugins\21_debug.js
c:\users\Caila.Home-PC\AppData\Roaming\Mozilla\Firefox\Profiles\y7ng6mir.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\extensionData\plugins\215_quicklizard_m.js
c:\users\Caila.Home-PC\AppData\Roaming\Mozilla\Firefox\Profiles\y7ng6mir.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\extensionData\plugins\22_resources.js
c:\users\Caila.Home-PC\AppData\Roaming\Mozilla\Firefox\Profiles\y7ng6mir.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\extensionData\plugins\28_initializer.js
c:\users\Caila.Home-PC\AppData\Roaming\Mozilla\Firefox\Profiles\y7ng6mir.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\extensionData\plugins\4_jquery_1_7_1.js
c:\users\Caila.Home-PC\AppData\Roaming\Mozilla\Firefox\Profiles\y7ng6mir.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\extensionData\plugins\47_resources_background.js
c:\users\Caila.Home-PC\AppData\Roaming\Mozilla\Firefox\Profiles\y7ng6mir.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\extensionData\plugins\5_notifications.js
c:\users\Caila.Home-PC\AppData\Roaming\Mozilla\Firefox\Profiles\y7ng6mir.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\extensionData\plugins\64_appApiMessage.js
c:\users\Caila.Home-PC\AppData\Roaming\Mozilla\Firefox\Profiles\y7ng6mir.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\extensionData\plugins\7_hooks.js
c:\users\Caila.Home-PC\AppData\Roaming\Mozilla\Firefox\Profiles\y7ng6mir.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\extensionData\plugins\72_appApiValidation.js
c:\users\Caila.Home-PC\AppData\Roaming\Mozilla\Firefox\Profiles\y7ng6mir.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\extensionData\plugins\78_CrossriderInfo.js
c:\users\Caila.Home-PC\AppData\Roaming\Mozilla\Firefox\Profiles\y7ng6mir.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\extensionData\plugins\79_CrossriderDailyPing.js
c:\users\Caila.Home-PC\AppData\Roaming\Mozilla\Firefox\Profiles\y7ng6mir.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\extensionData\plugins\9_search_engine_hook.js
c:\users\Caila.Home-PC\AppData\Roaming\Mozilla\Firefox\Profiles\y7ng6mir.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\extensionData\plugins\91_monetizationLoader.js.js
c:\users\Caila.Home-PC\AppData\Roaming\Mozilla\Firefox\Profiles\y7ng6mir.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\extensionData\plugins\93_superfish_no_coupons_m.js
c:\users\Caila.Home-PC\AppData\Roaming\Mozilla\Firefox\Profiles\y7ng6mir.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\extensionData\plugins\98_omniCommands.js
c:\users\Caila.Home-PC\AppData\Roaming\Mozilla\Firefox\Profiles\y7ng6mir.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\extensionData\userCode\background.js
c:\users\Caila.Home-PC\AppData\Roaming\Mozilla\Firefox\Profiles\y7ng6mir.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\extensionData\userCode\extension.js
c:\users\Caila.Home-PC\AppData\Roaming\Mozilla\Firefox\Profiles\y7ng6mir.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\install.rdf
c:\users\Caila.Home-PC\AppData\Roaming\Mozilla\Firefox\Profiles\y7ng6mir.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\locale\en-US\translations.dtd
c:\users\Caila.Home-PC\AppData\Roaming\Mozilla\Firefox\Profiles\y7ng6mir.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\skin\button1.png
c:\users\Caila.Home-PC\AppData\Roaming\Mozilla\Firefox\Profiles\y7ng6mir.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\skin\button2.png
c:\users\Caila.Home-PC\AppData\Roaming\Mozilla\Firefox\Profiles\y7ng6mir.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\skin\button3.png
c:\users\Caila.Home-PC\AppData\Roaming\Mozilla\Firefox\Profiles\y7ng6mir.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\skin\button4.png
c:\users\Caila.Home-PC\AppData\Roaming\Mozilla\Firefox\Profiles\y7ng6mir.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\skin\button5.png
c:\users\Caila.Home-PC\AppData\Roaming\Mozilla\Firefox\Profiles\y7ng6mir.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\skin\crossrider_statusbar.png
c:\users\Caila.Home-PC\AppData\Roaming\Mozilla\Firefox\Profiles\y7ng6mir.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\skin\icon128.png
c:\users\Caila.Home-PC\AppData\Roaming\Mozilla\Firefox\Profiles\y7ng6mir.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\skin\icon16.png
c:\users\Caila.Home-PC\AppData\Roaming\Mozilla\Firefox\Profiles\y7ng6mir.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\skin\icon24.png
c:\users\Caila.Home-PC\AppData\Roaming\Mozilla\Firefox\Profiles\y7ng6mir.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\skin\icon48.png
c:\users\Caila.Home-PC\AppData\Roaming\Mozilla\Firefox\Profiles\y7ng6mir.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\skin\panelarrow-up.png
c:\users\Caila.Home-PC\AppData\Roaming\Mozilla\Firefox\Profiles\y7ng6mir.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\skin\popup.html
c:\users\Caila.Home-PC\AppData\Roaming\Mozilla\Firefox\Profiles\y7ng6mir.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\skin\skin.css
c:\users\Caila.Home-PC\AppData\Roaming\Mozilla\Firefox\Profiles\y7ng6mir.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\skin\update.css
c:\users\Caila.Home-PC\AppData\Roaming\Mozilla\Firefox\Profiles\y7ng6mir.default\extensions\ScorpionSaver@jetpack
c:\users\Caila.Home-PC\AppData\Roaming\Mozilla\Firefox\Profiles\y7ng6mir.default\extensions\ScorpionSaver@jetpack\bootstrap.js
c:\users\Caila.Home-PC\AppData\Roaming\Mozilla\Firefox\Profiles\y7ng6mir.default\extensions\ScorpionSaver@jetpack\defaults\preferences\prefs.js
c:\users\Caila.Home-PC\AppData\Roaming\Mozilla\Firefox\Profiles\y7ng6mir.default\extensions\ScorpionSaver@jetpack\harness-options.json
c:\users\Caila.Home-PC\AppData\Roaming\Mozilla\Firefox\Profiles\y7ng6mir.default\extensions\ScorpionSaver@jetpack\icon.png
c:\users\Caila.Home-PC\AppData\Roaming\Mozilla\Firefox\Profiles\y7ng6mir.default\extensions\ScorpionSaver@jetpack\install.rdf
c:\users\Caila.Home-PC\AppData\Roaming\Mozilla\Firefox\Profiles\y7ng6mir.default\extensions\ScorpionSaver@jetpack\locales.json
c:\users\Caila.Home-PC\AppData\Roaming\Mozilla\Firefox\Profiles\y7ng6mir.default\extensions\ScorpionSaver@jetpack\resources\addon-kit\lib\page-mod.js
c:\users\Caila.Home-PC\AppData\Roaming\Mozilla\Firefox\Profiles\y7ng6mir.default\extensions\ScorpionSaver@jetpack\resources\addon-kit\lib\private-browsing.js
c:\users\Caila.Home-PC\AppData\Roaming\Mozilla\Firefox\Profiles\y7ng6mir.default\extensions\ScorpionSaver@jetpack\resources\addon-kit\lib\request.js
c:\users\Caila.Home-PC\AppData\Roaming\Mozilla\Firefox\Profiles\y7ng6mir.default\extensions\ScorpionSaver@jetpack\resources\addon-kit\lib\windows.js
c:\users\Caila.Home-PC\AppData\Roaming\Mozilla\Firefox\Profiles\y7ng6mir.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\addon\runner.js
c:\users\Caila.Home-PC\AppData\Roaming\Mozilla\Firefox\Profiles\y7ng6mir.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\api-utils.js
c:\users\Caila.Home-PC\AppData\Roaming\Mozilla\Firefox\Profiles\y7ng6mir.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\base64.js
c:\users\Caila.Home-PC\AppData\Roaming\Mozilla\Firefox\Profiles\y7ng6mir.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\byte-streams.js
c:\users\Caila.Home-PC\AppData\Roaming\Mozilla\Firefox\Profiles\y7ng6mir.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\collection.js
c:\users\Caila.Home-PC\AppData\Roaming\Mozilla\Firefox\Profiles\y7ng6mir.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\content.js
c:\users\Caila.Home-PC\AppData\Roaming\Mozilla\Firefox\Profiles\y7ng6mir.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\content\content-proxy.js
c:\users\Caila.Home-PC\AppData\Roaming\Mozilla\Firefox\Profiles\y7ng6mir.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\content\content-worker.js
c:\users\Caila.Home-PC\AppData\Roaming\Mozilla\Firefox\Profiles\y7ng6mir.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\content\loader.js
c:\users\Caila.Home-PC\AppData\Roaming\Mozilla\Firefox\Profiles\y7ng6mir.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\content\symbiont.js
c:\users\Caila.Home-PC\AppData\Roaming\Mozilla\Firefox\Profiles\y7ng6mir.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\content\worker.js
c:\users\Caila.Home-PC\AppData\Roaming\Mozilla\Firefox\Profiles\y7ng6mir.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\cortex.js
c:\users\Caila.Home-PC\AppData\Roaming\Mozilla\Firefox\Profiles\y7ng6mir.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\cuddlefish.js
c:\users\Caila.Home-PC\AppData\Roaming\Mozilla\Firefox\Profiles\y7ng6mir.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\deprecate.js
c:\users\Caila.Home-PC\AppData\Roaming\Mozilla\Firefox\Profiles\y7ng6mir.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\dom\events.js
c:\users\Caila.Home-PC\AppData\Roaming\Mozilla\Firefox\Profiles\y7ng6mir.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\environment.js
c:\users\Caila.Home-PC\AppData\Roaming\Mozilla\Firefox\Profiles\y7ng6mir.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\errors.js
c:\users\Caila.Home-PC\AppData\Roaming\Mozilla\Firefox\Profiles\y7ng6mir.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\event\core.js
c:\users\Caila.Home-PC\AppData\Roaming\Mozilla\Firefox\Profiles\y7ng6mir.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\event\target.js
c:\users\Caila.Home-PC\AppData\Roaming\Mozilla\Firefox\Profiles\y7ng6mir.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\events.js
c:\users\Caila.Home-PC\AppData\Roaming\Mozilla\Firefox\Profiles\y7ng6mir.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\events\assembler.js
c:\users\Caila.Home-PC\AppData\Roaming\Mozilla\Firefox\Profiles\y7ng6mir.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\file.js
c:\users\Caila.Home-PC\AppData\Roaming\Mozilla\Firefox\Profiles\y7ng6mir.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\functional.js
c:\users\Caila.Home-PC\AppData\Roaming\Mozilla\Firefox\Profiles\y7ng6mir.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\globals.js
c:\users\Caila.Home-PC\AppData\Roaming\Mozilla\Firefox\Profiles\y7ng6mir.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\heritage.js
c:\users\Caila.Home-PC\AppData\Roaming\Mozilla\Firefox\Profiles\y7ng6mir.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\hidden-frame.js
c:\users\Caila.Home-PC\AppData\Roaming\Mozilla\Firefox\Profiles\y7ng6mir.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\l10n\core.js
c:\users\Caila.Home-PC\AppData\Roaming\Mozilla\Firefox\Profiles\y7ng6mir.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\l10n\html.js
c:\users\Caila.Home-PC\AppData\Roaming\Mozilla\Firefox\Profiles\y7ng6mir.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\l10n\loader.js
c:\users\Caila.Home-PC\AppData\Roaming\Mozilla\Firefox\Profiles\y7ng6mir.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\l10n\locale.js
c:\users\Caila.Home-PC\AppData\Roaming\Mozilla\Firefox\Profiles\y7ng6mir.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\l10n\prefs.js
c:\users\Caila.Home-PC\AppData\Roaming\Mozilla\Firefox\Profiles\y7ng6mir.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\light-traits.js
c:\users\Caila.Home-PC\AppData\Roaming\Mozilla\Firefox\Profiles\y7ng6mir.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\list.js
c:\users\Caila.Home-PC\AppData\Roaming\Mozilla\Firefox\Profiles\y7ng6mir.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\loader.js
c:\users\Caila.Home-PC\AppData\Roaming\Mozilla\Firefox\Profiles\y7ng6mir.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\match-pattern.js
c:\users\Caila.Home-PC\AppData\Roaming\Mozilla\Firefox\Profiles\y7ng6mir.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\memory.js
c:\users\Caila.Home-PC\AppData\Roaming\Mozilla\Firefox\Profiles\y7ng6mir.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\namespace.js
c:\users\Caila.Home-PC\AppData\Roaming\Mozilla\Firefox\Profiles\y7ng6mir.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\observer-service.js
c:\users\Caila.Home-PC\AppData\Roaming\Mozilla\Firefox\Profiles\y7ng6mir.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\plain-text-console.js
c:\users\Caila.Home-PC\AppData\Roaming\Mozilla\Firefox\Profiles\y7ng6mir.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\preferences-service.js
c:\users\Caila.Home-PC\AppData\Roaming\Mozilla\Firefox\Profiles\y7ng6mir.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\private-browsing\utils.js
c:\users\Caila.Home-PC\AppData\Roaming\Mozilla\Firefox\Profiles\y7ng6mir.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\promise.js
c:\users\Caila.Home-PC\AppData\Roaming\Mozilla\Firefox\Profiles\y7ng6mir.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\querystring.js
c:\users\Caila.Home-PC\AppData\Roaming\Mozilla\Firefox\Profiles\y7ng6mir.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\runtime.js
c:\users\Caila.Home-PC\AppData\Roaming\Mozilla\Firefox\Profiles\y7ng6mir.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\sandbox.js
c:\users\Caila.Home-PC\AppData\Roaming\Mozilla\Firefox\Profiles\y7ng6mir.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\self.js
c:\users\Caila.Home-PC\AppData\Roaming\Mozilla\Firefox\Profiles\y7ng6mir.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\system.js
c:\users\Caila.Home-PC\AppData\Roaming\Mozilla\Firefox\Profiles\y7ng6mir.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\system\events.js
c:\users\Caila.Home-PC\AppData\Roaming\Mozilla\Firefox\Profiles\y7ng6mir.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\tabs\events.js
c:\users\Caila.Home-PC\AppData\Roaming\Mozilla\Firefox\Profiles\y7ng6mir.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\tabs\observer.js
c:\users\Caila.Home-PC\AppData\Roaming\Mozilla\Firefox\Profiles\y7ng6mir.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\tabs\tab.js
c:\users\Caila.Home-PC\AppData\Roaming\Mozilla\Firefox\Profiles\y7ng6mir.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\tabs\utils.js
c:\users\Caila.Home-PC\AppData\Roaming\Mozilla\Firefox\Profiles\y7ng6mir.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\text-streams.js
c:\users\Caila.Home-PC\AppData\Roaming\Mozilla\Firefox\Profiles\y7ng6mir.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\timer.js
c:\users\Caila.Home-PC\AppData\Roaming\Mozilla\Firefox\Profiles\y7ng6mir.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\traceback.js
c:\users\Caila.Home-PC\AppData\Roaming\Mozilla\Firefox\Profiles\y7ng6mir.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\traits.js
c:\users\Caila.Home-PC\AppData\Roaming\Mozilla\Firefox\Profiles\y7ng6mir.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\traits\core.js
c:\users\Caila.Home-PC\AppData\Roaming\Mozilla\Firefox\Profiles\y7ng6mir.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\unload.js
c:\users\Caila.Home-PC\AppData\Roaming\Mozilla\Firefox\Profiles\y7ng6mir.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\url.js
c:\users\Caila.Home-PC\AppData\Roaming\Mozilla\Firefox\Profiles\y7ng6mir.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\utils\data.js
c:\users\Caila.Home-PC\AppData\Roaming\Mozilla\Firefox\Profiles\y7ng6mir.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\utils\object.js
c:\users\Caila.Home-PC\AppData\Roaming\Mozilla\Firefox\Profiles\y7ng6mir.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\utils\registry.js
c:\users\Caila.Home-PC\AppData\Roaming\Mozilla\Firefox\Profiles\y7ng6mir.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\utils\thumbnail.js
c:\users\Caila.Home-PC\AppData\Roaming\Mozilla\Firefox\Profiles\y7ng6mir.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\uuid.js
c:\users\Caila.Home-PC\AppData\Roaming\Mozilla\Firefox\Profiles\y7ng6mir.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\window-utils.js
c:\users\Caila.Home-PC\AppData\Roaming\Mozilla\Firefox\Profiles\y7ng6mir.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\window\utils.js
c:\users\Caila.Home-PC\AppData\Roaming\Mozilla\Firefox\Profiles\y7ng6mir.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\windows\dom.js
c:\users\Caila.Home-PC\AppData\Roaming\Mozilla\Firefox\Profiles\y7ng6mir.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\windows\loader.js
c:\users\Caila.Home-PC\AppData\Roaming\Mozilla\Firefox\Profiles\y7ng6mir.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\windows\observer.js
c:\users\Caila.Home-PC\AppData\Roaming\Mozilla\Firefox\Profiles\y7ng6mir.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\windows\tabs.js
c:\users\Caila.Home-PC\AppData\Roaming\Mozilla\Firefox\Profiles\y7ng6mir.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\xhr.js
c:\users\Caila.Home-PC\AppData\Roaming\Mozilla\Firefox\Profiles\y7ng6mir.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\xpcom.js
c:\users\Caila.Home-PC\AppData\Roaming\Mozilla\Firefox\Profiles\y7ng6mir.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\xul-app.js
c:\users\Caila.Home-PC\AppData\Roaming\Mozilla\Firefox\Profiles\y7ng6mir.default\extensions\ScorpionSaver@jetpack\resources\ScorpionSaver\data\icon64.png
c:\users\Caila.Home-PC\AppData\Roaming\Mozilla\Firefox\Profiles\y7ng6mir.default\extensions\ScorpionSaver@jetpack\resources\ScorpionSaver\lib\main.js
c:\users\Caila.Home-PC\AppData\Roaming\Mozilla\Firefox\Profiles\y7ng6mir.default\extensions\ScorpionSaver@jetpack\resources\ScorpionSaver\lib\main.js.old
c:\users\Kyle\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_kikjpgpbpnapbimplfcbcbakjacpgceb_0
c:\users\Kyle\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_kikjpgpbpnapbimplfcbcbakjacpgceb_0\3
c:\users\Kyle\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb
c:\users\Kyle\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\background.html
c:\users\Kyle\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\crossriderManifest.json
c:\users\Kyle\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\extensionData\manifest.xml
c:\users\Kyle\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\extensionData\plugins.json
c:\users\Kyle\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\extensionData\plugins\1_base.js
c:\users\Kyle\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\extensionData\plugins\102_dealply_m.js
c:\users\Kyle\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\extensionData\plugins\103_intext_5_m.js
c:\users\Kyle\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\extensionData\plugins\104_jollywallet_m.js
c:\users\Kyle\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\extensionData\plugins\105_corticas_m.js
c:\users\Kyle\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\extensionData\plugins\108_icm_m.js
c:\users\Kyle\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\extensionData\plugins\117_coupons_intext_ads_5_m.js
c:\users\Kyle\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\extensionData\plugins\119_similar_web_m.js
c:\users\Kyle\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\extensionData\plugins\120_luck_m.js
c:\users\Kyle\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\extensionData\plugins\123_intext_adv_m.js
c:\users\Kyle\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\extensionData\plugins\124_superfish_no_search_no_coupons_m.js

 

[caila]

c:\users\Kyle\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\extensionData\plugins\125_arcadi2_m.js
c:\users\Kyle\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\extensionData\plugins\126_revizer_ws_m.js
c:\users\Kyle\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\extensionData\plugins\127_revizer_p_m.js
c:\users\Kyle\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\extensionData\plugins\128_superfish_pricora_m.js
c:\users\Kyle\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\extensionData\plugins\13_CrossriderAppUtils.js
c:\users\Kyle\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\extensionData\plugins\135_arcadi3_m.js
c:\users\Kyle\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\extensionData\plugins\138_getdeal_m.js
c:\users\Kyle\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\extensionData\plugins\14_CrossriderUtils.js
c:\users\Kyle\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\extensionData\plugins\141_corticas_ru_m.js.js
c:\users\Kyle\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\extensionData\plugins\142_intext_fa_m.js
c:\users\Kyle\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\extensionData\plugins\155_ibario_pops_m.js
c:\users\Kyle\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\extensionData\plugins\158_50onred_ads_only_no_fb_m.js
c:\users\Kyle\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\extensionData\plugins\159_cortica_rollover_m.js
c:\users\Kyle\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\extensionData\plugins\17_jQuery.js
c:\users\Kyle\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\extensionData\plugins\171_arcadi2_sourceID_m.js
c:\users\Kyle\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\extensionData\plugins\174_arcadi_serp_dynamic_id_m.js
c:\users\Kyle\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\extensionData\plugins\175_coolmirage_m.js
c:\users\Kyle\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\extensionData\plugins\178_revizer_ws_dynamic_m.js
c:\users\Kyle\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\extensionData\plugins\179_revizer_p_dynamic_m.js
c:\users\Kyle\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\extensionData\plugins\180_bpo_serp_m.js
c:\users\Kyle\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\extensionData\plugins\184_noproblemppc_m.js
c:\users\Kyle\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\extensionData\plugins\19_CHAppAPIWrapper.js
c:\users\Kyle\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\extensionData\plugins\21_debug.js
c:\users\Kyle\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\extensionData\plugins\22_resources.js
c:\users\Kyle\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\extensionData\plugins\28_initializer.js
c:\users\Kyle\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\extensionData\plugins\4_jquery_1_7_1.js
c:\users\Kyle\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\extensionData\plugins\47_resources_background.js
c:\users\Kyle\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\extensionData\plugins\5_notifications.js
c:\users\Kyle\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\extensionData\plugins\64_appApiMessage.js
c:\users\Kyle\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\extensionData\plugins\7_hooks.js
c:\users\Kyle\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\extensionData\plugins\72_appApiValidation.js
c:\users\Kyle\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\extensionData\plugins\78_CrossriderInfo.js
c:\users\Kyle\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\extensionData\plugins\80_CHPopupAppAPI.js
c:\users\Kyle\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\extensionData\plugins\87_ginyas_wrapper.js
c:\users\Kyle\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\extensionData\plugins\9_search_engine_hook.js
c:\users\Kyle\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\extensionData\plugins\91_monetizationLoader.js.js
c:\users\Kyle\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\extensionData\plugins\93_superfish_no_coupons_m.js
c:\users\Kyle\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\extensionData\plugins\97_resourceApiWrapper.js
c:\users\Kyle\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\extensionData\userCode\background.js
c:\users\Kyle\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\extensionData\userCode\extension.js
c:\users\Kyle\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\icons\actions\1.png
c:\users\Kyle\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\icons\icon128.png
c:\users\Kyle\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\icons\icon16.png
c:\users\Kyle\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\icons\icon48.png
c:\users\Kyle\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\js\api\chrome.js
c:\users\Kyle\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\js\api\cookie.js
c:\users\Kyle\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\js\api\message.js
c:\users\Kyle\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\js\api\pageAction.js
c:\users\Kyle\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\js\api\pageActionBG.js
c:\users\Kyle\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\js\background.js
c:\users\Kyle\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\js\lib\app_api.js
c:\users\Kyle\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\js\lib\bg_app_api.js
c:\users\Kyle\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\js\lib\consts.js
c:\users\Kyle\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\js\lib\cookie_store.js
c:\users\Kyle\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\js\lib\crossriderAPI.js
c:\users\Kyle\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\js\lib\delegate.js
c:\users\Kyle\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\js\lib\events.js
c:\users\Kyle\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\js\lib\extensionDataStore.js
c:\users\Kyle\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\js\lib\installer.js
c:\users\Kyle\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\js\lib\logFile.js
c:\users\Kyle\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\js\lib\logging.js
c:\users\Kyle\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\js\lib\onBGDocumentLoad.js
c:\users\Kyle\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\js\lib\popupResource\newPopup.js
c:\users\Kyle\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\js\lib\popupResource\popup.js
c:\users\Kyle\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\js\lib\reports.js
c:\users\Kyle\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\js\lib\storageWrapper.js
c:\users\Kyle\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\js\lib\updateManager.js
c:\users\Kyle\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\js\lib\util.js
c:\users\Kyle\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\js\lib\xhr.js
c:\users\Kyle\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\js\main.js
c:\users\Kyle\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\manifest.json
c:\users\Kyle\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\popup.html
c:\users\Kyle\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\kikjpgpbpnapbimplfcbcbakjacpgceb
c:\users\Kyle\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\kikjpgpbpnapbimplfcbcbakjacpgceb\000005.ldb
c:\users\Kyle\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\kikjpgpbpnapbimplfcbcbakjacpgceb\000008.ldb
c:\users\Kyle\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\kikjpgpbpnapbimplfcbcbakjacpgceb\000009.log
c:\users\Kyle\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\kikjpgpbpnapbimplfcbcbakjacpgceb\CURRENT
c:\users\Kyle\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\kikjpgpbpnapbimplfcbcbakjacpgceb\LOCK
c:\users\Kyle\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\kikjpgpbpnapbimplfcbcbakjacpgceb\LOG
c:\users\Kyle\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\kikjpgpbpnapbimplfcbcbakjacpgceb\LOG.old
c:\users\Kyle\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\kikjpgpbpnapbimplfcbcbakjacpgceb\MANIFEST-000007
c:\users\Kyle\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_kikjpgpbpnapbimplfcbcbakjacpgceb_0.localstorage-journal
c:\users\Kyle\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_kikjpgpbpnapbimplfcbcbakjacpgceb_0.localstorage
c:\users\Kyle\AppData\Local\Google\Chrome\User Data\Default\Preferences
c:\users\Laurie\AppData\Roaming\kikin
c:\users\Laurie\AppData\Roaming\kikin\ff_kkes.xml
c:\users\Laurie\AppData\Roaming\kikin\ie_configuration.xml
c:\users\Laurie\AppData\Roaming\kikin\ie_kkes.xml
c:\users\Laurie\AppData\Roaming\kikin\ie_settings.xml
c:\users\Laurie\AppData\Roaming\kikin\kikin_updater_2.9.1.exe
c:\users\Michael\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_kikjpgpbpnapbimplfcbcbakjacpgceb_0
c:\users\Michael\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_kikjpgpbpnapbimplfcbcbakjacpgceb_0\1
c:\users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb
c:\users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\background.html
c:\users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\crossriderManifest.json
c:\users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\extensionData\manifest.xml
c:\users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\extensionData\plugins.json
c:\users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\extensionData\plugins\1_base.js
c:\users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\extensionData\plugins\102_dealply_m.js
c:\users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\extensionData\plugins\103_intext_5_m.js
c:\users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\extensionData\plugins\104_jollywallet_m.js
c:\users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\extensionData\plugins\105_corticas_m.js
c:\users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\extensionData\plugins\108_icm_m.js
c:\users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\extensionData\plugins\117_coupons_intext_ads_5_m.js
c:\users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\extensionData\plugins\119_similar_web_m.js
c:\users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\extensionData\plugins\120_luck_m.js
c:\users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\extensionData\plugins\123_intext_adv_m.js
c:\users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\extensionData\plugins\124_superfish_no_search_no_coupons_m.js
c:\users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\extensionData\plugins\125_arcadi2_m.js
c:\users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\extensionData\plugins\126_revizer_ws_m.js
c:\users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\extensionData\plugins\127_revizer_p_m.js
c:\users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\extensionData\plugins\128_superfish_pricora_m.js
c:\users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\extensionData\plugins\13_CrossriderAppUtils.js
c:\users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\extensionData\plugins\135_arcadi3_m.js
c:\users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\extensionData\plugins\138_getdeal_m.js
c:\users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\extensionData\plugins\14_CrossriderUtils.js
c:\users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\extensionData\plugins\141_corticas_ru_m.js.js
c:\users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\extensionData\plugins\142_intext_fa_m.js
c:\users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\extensionData\plugins\155_ibario_pops_m.js
c:\users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\extensionData\plugins\158_50onred_ads_only_no_fb_m.js
c:\users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\extensionData\plugins\159_cortica_rollover_m.js
c:\users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\extensionData\plugins\17_jQuery.js
c:\users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\extensionData\plugins\171_arcadi2_sourceID_m.js
c:\users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\extensionData\plugins\174_arcadi_serp_dynamic_id_m.js
c:\users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\extensionData\plugins\175_coolmirage_m.js
c:\users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\extensionData\plugins\178_revizer_ws_dynamic_m.js
c:\users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\extensionData\plugins\179_revizer_p_dynamic_m.js
c:\users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\extensionData\plugins\180_bpo_serp_m.js
c:\users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\extensionData\plugins\184_noproblemppc_m.js
c:\users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\extensionData\plugins\19_CHAppAPIWrapper.js
c:\users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\extensionData\plugins\21_debug.js
c:\users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\extensionData\plugins\22_resources.js
c:\users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\extensionData\plugins\28_initializer.js
c:\users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\extensionData\plugins\4_jquery_1_7_1.js
c:\users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\extensionData\plugins\47_resources_background.js
c:\users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\extensionData\plugins\5_notifications.js
c:\users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\extensionData\plugins\64_appApiMessage.js
c:\users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\extensionData\plugins\7_hooks.js
c:\users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\extensionData\plugins\72_appApiValidation.js
c:\users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\extensionData\plugins\78_CrossriderInfo.js
c:\users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\extensionData\plugins\80_CHPopupAppAPI.js
c:\users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\extensionData\plugins\87_ginyas_wrapper.js
c:\users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\extensionData\plugins\9_search_engine_hook.js
c:\users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\extensionData\plugins\91_monetizationLoader.js.js
c:\users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\extensionData\plugins\93_superfish_no_coupons_m.js
c:\users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\extensionData\plugins\97_resourceApiWrapper.js
c:\users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\extensionData\userCode\background.js
c:\users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\extensionData\userCode\extension.js
c:\users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\icons\actions\1.png
c:\users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\icons\icon128.png
c:\users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\icons\icon16.png
c:\users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\icons\icon48.png
c:\users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\js\api\chrome.js
c:\users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\js\api\cookie.js
c:\users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\js\api\message.js
c:\users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\js\api\pageAction.js
c:\users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\js\api\pageActionBG.js
c:\users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\js\background.js
c:\users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\js\lib\app_api.js
c:\users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\js\lib\bg_app_api.js
c:\users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\js\lib\consts.js
c:\users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\js\lib\cookie_store.js
c:\users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\js\lib\crossriderAPI.js
c:\users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\js\lib\delegate.js
c:\users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\js\lib\events.js
c:\users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\js\lib\extensionDataStore.js
c:\users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\js\lib\installer.js
c:\users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\js\lib\logFile.js
c:\users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\js\lib\logging.js
c:\users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\js\lib\onBGDocumentLoad.js
c:\users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\js\lib\popupResource\newPopup.js
c:\users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\js\lib\popupResource\popup.js
c:\users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\js\lib\reports.js
c:\users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\js\lib\storageWrapper.js
c:\users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\js\lib\updateManager.js
c:\users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\js\lib\util.js
c:\users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\js\lib\xhr.js

 

[caila]

c:\users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\js\main.js
c:\users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\manifest.json
c:\users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\popup.html
c:\users\Michael\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\kikjpgpbpnapbimplfcbcbakjacpgceb
c:\users\Michael\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\kikjpgpbpnapbimplfcbcbakjacpgceb\000003.log
c:\users\Michael\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\kikjpgpbpnapbimplfcbcbakjacpgceb\CURRENT
c:\users\Michael\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\kikjpgpbpnapbimplfcbcbakjacpgceb\LOCK
c:\users\Michael\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\kikjpgpbpnapbimplfcbcbakjacpgceb\LOG
c:\users\Michael\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\kikjpgpbpnapbimplfcbcbakjacpgceb\MANIFEST-000002
c:\users\Michael\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_kikjpgpbpnapbimplfcbcbakjacpgceb_0.localstorage-journal
c:\users\Michael\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_kikjpgpbpnapbimplfcbcbakjacpgceb_0.localstorage
c:\users\Michael\AppData\Local\Google\Chrome\User Data\Default\Preferences
c:\users\Michael\AppData\Roaming\kikin
c:\users\Michael\AppData\Roaming\kikin\ie_configuration.xml
c:\users\Michael\AppData\Roaming\kikin\ie_kkes.xml
c:\users\Michael\AppData\Roaming\kikin\ie_settings.xml
c:\users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\rzullgfj.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com
c:\users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\rzullgfj.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\chrome.manifest
c:\users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\rzullgfj.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\chrome\content\api.js
c:\users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\rzullgfj.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\chrome\content\api\asyncDB.js
c:\users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\rzullgfj.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\chrome\content\api\background.js
c:\users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\rzullgfj.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\chrome\content\api\browserAction.js
c:\users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\rzullgfj.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\chrome\content\api\contextMenu.js
c:\users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\rzullgfj.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\chrome\content\api\dbManager.js
c:\users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\rzullgfj.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\chrome\content\api\dom_bg.js
c:\users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\rzullgfj.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\chrome\content\api\fileManager.js
c:\users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\rzullgfj.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\chrome\content\api\firefox.js
c:\users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\rzullgfj.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\chrome\content\api\firefoxNotifications.js
c:\users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\rzullgfj.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\chrome\content\api\firefoxOmnibox.js
c:\users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\rzullgfj.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\chrome\content\api\message.js
c:\users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\rzullgfj.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\chrome\content\api\pageAction.js
c:\users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\rzullgfj.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\chrome\content\api\request.js
c:\users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\rzullgfj.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\chrome\content\api\tabs.js
c:\users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\rzullgfj.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\chrome\content\api\webRequest.js
c:\users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\rzullgfj.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\chrome\content\background.html
c:\users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\rzullgfj.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\chrome\content\baseObject.js
c:\users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\rzullgfj.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\chrome\content\browser.xul
c:\users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\rzullgfj.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\chrome\content\core\console.js
c:\users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\rzullgfj.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\chrome\content\core\consts.js
c:\users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\rzullgfj.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\chrome\content\core\delegate.js
c:\users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\rzullgfj.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\chrome\content\core\extensionDataStore.js
c:\users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\rzullgfj.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\chrome\content\core\folderIOWrapper.js
c:\users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\rzullgfj.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\chrome\content\core\httpObserver.js
c:\users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\rzullgfj.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\chrome\content\core\IDBWrapper.js
c:\users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\rzullgfj.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\chrome\content\core\installer.js
c:\users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\rzullgfj.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\chrome\content\core\logFile.js
c:\users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\rzullgfj.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\chrome\content\core\prefs.js
c:\users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\rzullgfj.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\chrome\content\core\progressListenerObserver.js
c:\users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\rzullgfj.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\chrome\content\core\registry.js
c:\users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\rzullgfj.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\chrome\content\core\reloadObserver.js
c:\users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\rzullgfj.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\chrome\content\core\reports.js
c:\users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\rzullgfj.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\chrome\content\core\requestObject.js
c:\users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\rzullgfj.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\chrome\content\core\searchSettings.js
c:\users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\rzullgfj.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\chrome\content\core\uninstallObserver.js
c:\users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\rzullgfj.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\chrome\content\core\updateManager.js
c:\users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\rzullgfj.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\chrome\content\core\utils.js
c:\users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\rzullgfj.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\chrome\content\core\xhr.js
c:\users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\rzullgfj.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\chrome\content\dialog.js
c:\users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\rzullgfj.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\chrome\content\main.js
c:\users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\rzullgfj.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\chrome\content\options.js
c:\users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\rzullgfj.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\chrome\content\options.xul
c:\users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\rzullgfj.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\chrome\content\search_dialog.xul
c:\users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\rzullgfj.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\defaults\preferences\prefs.js
c:\users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\rzullgfj.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\extensionData\manifest.xml
c:\users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\rzullgfj.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\extensionData\plugins.json
c:\users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\rzullgfj.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\extensionData\plugins\1_base.js
c:\users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\rzullgfj.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\extensionData\plugins\102_dealply_m.js
c:\users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\rzullgfj.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\extensionData\plugins\103_intext_5_m.js
c:\users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\rzullgfj.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\extensionData\plugins\104_jollywallet_m.js
c:\users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\rzullgfj.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\extensionData\plugins\105_corticas_m.js
c:\users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\rzullgfj.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\extensionData\plugins\108_icm_m.js
c:\users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\rzullgfj.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\extensionData\plugins\117_coupons_intext_ads_5_m.js
c:\users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\rzullgfj.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\extensionData\plugins\119_similar_web_m.js
c:\users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\rzullgfj.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\extensionData\plugins\120_luck_m.js
c:\users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\rzullgfj.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\extensionData\plugins\123_intext_adv_m.js
c:\users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\rzullgfj.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\extensionData\plugins\124_superfish_no_search_no_coupons_m.js
c:\users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\rzullgfj.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\extensionData\plugins\125_arcadi2_m.js
c:\users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\rzullgfj.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\extensionData\plugins\126_revizer_ws_m.js
c:\users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\rzullgfj.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\extensionData\plugins\127_revizer_p_m.js
c:\users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\rzullgfj.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\extensionData\plugins\128_superfish_pricora_m.js
c:\users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\rzullgfj.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\extensionData\plugins\13_CrossriderAppUtils.js
c:\users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\rzullgfj.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\extensionData\plugins\135_arcadi3_m.js
c:\users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\rzullgfj.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\extensionData\plugins\138_getdeal_m.js
c:\users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\rzullgfj.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\extensionData\plugins\14_CrossriderUtils.js
c:\users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\rzullgfj.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\extensionData\plugins\141_corticas_ru_m.js.js
c:\users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\rzullgfj.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\extensionData\plugins\142_intext_fa_m.js
c:\users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\rzullgfj.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\extensionData\plugins\155_ibario_pops_m.js
c:\users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\rzullgfj.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\extensionData\plugins\158_50onred_ads_only_no_fb_m.js
c:\users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\rzullgfj.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\extensionData\plugins\159_cortica_rollover_m.js
c:\users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\rzullgfj.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\extensionData\plugins\16_FFAppAPIWrapper.js
c:\users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\rzullgfj.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\extensionData\plugins\17_jQuery.js
c:\users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\rzullgfj.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\extensionData\plugins\171_arcadi2_sourceID_m.js
c:\users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\rzullgfj.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\extensionData\plugins\174_arcadi_serp_dynamic_id_m.js
c:\users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\rzullgfj.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\extensionData\plugins\175_coolmirage_m.js
c:\users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\rzullgfj.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\extensionData\plugins\177_crossriderDashboard.js
c:\users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\rzullgfj.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\extensionData\plugins\178_revizer_ws_dynamic_m.js
c:\users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\rzullgfj.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\extensionData\plugins\179_revizer_p_dynamic_m.js
c:\users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\rzullgfj.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\extensionData\plugins\180_bpo_serp_m.js
c:\users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\rzullgfj.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\extensionData\plugins\182_openUrl.js
c:\users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\rzullgfj.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\extensionData\plugins\184_noproblemppc_m.js
c:\users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\rzullgfj.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\extensionData\plugins\189_active_sanity.js
c:\users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\rzullgfj.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\extensionData\plugins\190_pops_5_m.js
c:\users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\rzullgfj.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\extensionData\plugins\191_ciuvo_m.js
c:\users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\rzullgfj.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\extensionData\plugins\192_revizer_ws_dynamic_b2b_m.js
c:\users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\rzullgfj.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\extensionData\plugins\193_revizer_p_dynamic_b2b_m.js
c:\users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\rzullgfj.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\extensionData\plugins\194_retargeting_bi_m.js.js
c:\users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\rzullgfj.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\extensionData\plugins\195_icm_convertmedia_m.js
c:\users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\rzullgfj.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\extensionData\plugins\197_kreapixel_pops_m.js
c:\users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\rzullgfj.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\extensionData\plugins\198_superfish_no_search_no_coupons_plushd_m.js
c:\users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\rzullgfj.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\extensionData\plugins\199_superfish_no_coupons_plushd_m.js
c:\users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\rzullgfj.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\extensionData\plugins\200_foxydeal_m.js
c:\users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\rzullgfj.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\extensionData\plugins\21_debug.js
c:\users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\rzullgfj.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\extensionData\plugins\22_resources.js
c:\users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\rzullgfj.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\extensionData\plugins\28_initializer.js
c:\users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\rzullgfj.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\extensionData\plugins\4_jquery_1_7_1.js
c:\users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\rzullgfj.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\extensionData\plugins\47_resources_background.js
c:\users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\rzullgfj.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\extensionData\plugins\5_notifications.js
c:\users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\rzullgfj.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\extensionData\plugins\64_appApiMessage.js
c:\users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\rzullgfj.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\extensionData\plugins\7_hooks.js
c:\users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\rzullgfj.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\extensionData\plugins\72_appApiValidation.js
c:\users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\rzullgfj.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\extensionData\plugins\78_CrossriderInfo.js
c:\users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\rzullgfj.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\extensionData\plugins\87_ginyas_wrapper.js
c:\users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\rzullgfj.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\extensionData\plugins\9_search_engine_hook.js
c:\users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\rzullgfj.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\extensionData\plugins\91_monetizationLoader.js.js
c:\users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\rzullgfj.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\extensionData\plugins\93_superfish_no_coupons_m.js
c:\users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\rzullgfj.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\extensionData\plugins\98_omniCommands.js
c:\users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\rzullgfj.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\extensionData\userCode\background.js
c:\users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\rzullgfj.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\extensionData\userCode\extension.js
c:\users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\rzullgfj.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\install.rdf
c:\users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\rzullgfj.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\locale\en-US\translations.dtd
c:\users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\rzullgfj.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\skin\button1.png
c:\users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\rzullgfj.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\skin\button2.png
c:\users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\rzullgfj.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\skin\button3.png
c:\users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\rzullgfj.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\skin\button4.png
c:\users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\rzullgfj.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\skin\button5.png
c:\users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\rzullgfj.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\skin\crossrider_statusbar.png
c:\users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\rzullgfj.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\skin\icon128.png
c:\users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\rzullgfj.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\skin\icon16.png
c:\users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\rzullgfj.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\skin\icon24.png
c:\users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\rzullgfj.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\skin\icon48.png
c:\users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\rzullgfj.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\skin\panelarrow-up.png
c:\users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\rzullgfj.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\skin\popup.html
c:\users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\rzullgfj.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\skin\skin.css
c:\users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\rzullgfj.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\skin\update.css
c:\windows\Downloaded Program Files\f3initialsetup1.0.1.1.inf
c:\windows\Installer\{9B65F9A3-9D24-452A-B6EF-1457D65E4259}
c:\windows\Installer\{9B65F9A3-9D24-452A-B6EF-1457D65E4259}\icon64.ico
c:\windows\PFRO.log

 

[caila]

.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_TelevisionFanaticService
.
.
((((((((((((((((((((((((( Files Created from 2014-01-05 to 2014-02-05 )))))))))))))))))))))))))))))))
.
.
2014-02-05 03:15 . 2014-02-05 03:15 -------- d-----w- c:\users\Michael\AppData\Local\temp
2014-02-05 03:15 . 2014-02-05 03:15 -------- d-----w- c:\users\Laurie\AppData\Local\temp
2014-02-05 03:14 . 2014-02-05 03:14 -------- d-----w- c:\users\Kyle\AppData\Local\temp
2014-02-05 03:14 . 2014-02-05 03:14 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-02-05 03:13 . 2014-02-05 03:13 -------- d-----w- c:\users\Caila\AppData\Local\temp
2014-02-05 03:04 . 2014-02-05 03:04 -------- d-----w- c:\users\Caila.Home-PC\AppData\Local\CrashDumps
2014-02-05 01:35 . 2014-02-05 02:16 107224 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-02-05 01:33 . 2014-02-05 02:16 75480 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2014-02-05 01:07 . 2014-02-05 01:07 -------- d-----w- c:\users\Caila.Home-PC\AppData\Local\BrowserSafeguard
2014-02-05 01:06 . 2014-02-05 01:07 -------- d-----w- c:\users\Caila.Home-PC\AppData\Local\Smartbar
2014-02-04 03:35 . 2013-12-16 07:54 7760024 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{58D5CC33-7066-4F62-9D92-AFB8EDD364FD}\mpengine.dll
2014-02-03 23:35 . 2013-12-16 07:54 7760024 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2014-02-03 04:28 . 2014-02-03 04:28 -------- d-----w- c:\users\Caila.Home-PC\AppData\Roaming\Malwarebytes
2014-02-03 04:28 . 2014-02-03 04:28 -------- d-----w- c:\programdata\Malwarebytes
2014-02-03 04:28 . 2014-02-03 04:28 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2014-02-03 04:28 . 2013-04-04 20:50 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-02-03 04:22 . 2013-10-28 05:41 719224 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{A4091C90-9843-41CE-A094-3CB6BBE66EBD}\gapaengine.dll
2014-02-03 04:08 . 2014-02-03 04:10 -------- d-----w- c:\program files\Microsoft Security Client
2014-02-03 04:07 . 2010-04-05 20:00 221568 ----a-w- c:\windows\system32\drivers\netio.sys
2014-02-03 02:13 . 2014-02-03 02:13 -------- d-----w- c:\users\Caila.Home-PC\.android
2014-02-03 02:13 . 2014-02-03 02:17 -------- d-----w- c:\users\Caila.Home-PC\AppData\Local\GCC
2014-02-03 02:13 . 2014-02-03 02:18 -------- d-----w- c:\users\Caila.Home-PC\AppData\Local\cache
2014-02-03 02:13 . 2014-02-03 07:28 -------- d-----w- c:\users\Caila.Home-PC\AppData\Local\genienext
2014-02-03 02:13 . 2014-02-03 03:44 -------- d-----w- c:\users\Caila.Home-PC\AppData\Local\Mobogenie
2014-02-03 02:10 . 2014-02-03 02:10 -------- d-----w- c:\users\Caila.Home-PC\AppData\Local\SearchProtect
2014-02-03 02:10 . 2014-02-03 02:10 -------- d-----w- c:\program files\GrabRez
2014-02-03 02:09 . 2014-02-03 02:09 -------- d-----w- c:\users\Caila.Home-PC\AppData\Local\Cool_Mirage
2014-02-02 21:12 . 2014-02-03 07:28 -------- d-----w- c:\programdata\YoutubeAdblocker
2014-02-02 21:11 . 2014-02-03 07:28 -------- d-----w- c:\programdata\GreeatSaveur
2014-02-02 21:11 . 2014-02-03 07:28 -------- d-----w- c:\program files\GreeatSaveur
2014-02-02 21:11 . 2014-02-02 21:11 -------- d-----w- c:\users\Michael\AppData\Local\Torch
2014-02-02 21:11 . 2014-02-02 21:11 -------- d-----w- c:\users\Laurie\AppData\Local\Torch
2014-02-02 21:11 . 2014-02-02 21:11 -------- d-----w- c:\users\Kyle\AppData\Local\Torch
2014-02-02 21:11 . 2014-02-02 21:11 -------- d-----w- c:\users\Michael\AppData\Local\Comodo
2014-02-02 21:11 . 2014-02-02 21:11 -------- d-----w- c:\users\Laurie\AppData\Local\Comodo
2014-02-02 21:11 . 2014-02-02 21:11 -------- d-----w- c:\users\Kyle\AppData\Local\Comodo
2014-02-02 21:11 . 2014-02-02 21:11 -------- d-----w- c:\users\Caila.Home-PC\AppData\Local\Comodo
2014-02-02 21:11 . 2014-02-02 21:11 -------- d-----w- c:\users\Guest
2014-02-02 21:11 . 2014-02-02 21:11 -------- d-----w- c:\users\Administrator
2014-02-01 00:41 . 2014-02-01 00:43 -------- d-----w- c:\programdata\188F1432-103A-4ffb-80F1-36B633C5C9E1
2014-02-01 00:41 . 2014-02-01 00:43 -------- d-----w- c:\program files\iTunes
2014-02-01 00:39 . 2014-02-01 00:39 -------- d-----w- c:\program files\Apple Software Update
2014-02-01 00:35 . 2014-02-01 00:35 -------- d-----w- c:\program files\Bonjour
2014-02-01 00:34 . 2014-02-01 00:41 -------- d-----w- c:\program files\Common Files\Apple
2014-02-01 00:01 . 2014-02-01 00:01 -------- d-----w- c:\users\Caila.Home-PC\AppData\Local\ElevatedDiagnostics
2014-01-31 23:56 . 2014-02-01 00:28 -------- d-----w- C:\MATS
2014-01-20 22:42 . 2014-01-20 22:42 -------- d-----w- c:\users\Caila.Home-PC\AppData\Local\Macromedia
2014-01-20 22:41 . 2014-01-27 01:11 -------- d-----w- c:\users\Caila.Home-PC\AppData\Local\HowToSimplified_8e
2014-01-20 20:30 . 2014-01-20 20:30 -------- d-----w- c:\program files\Common Files\HP
2014-01-07 15:55 . 2014-01-07 15:55 -------- d-----w- c:\windows\system32\log
2014-01-07 15:55 . 2014-02-03 08:05 -------- d-----w- c:\programdata\WPM
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-01-19 07:32 . 2009-11-29 14:45 231584 ------w- c:\windows\system32\MpSigStub.exe
2013-12-16 07:54 . 2014-01-31 08:25 7760024 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{F8E285DA-D717-4E88-B135-2E10BB63BCFB}\mpengine.dll
2013-12-11 01:44 . 2012-10-04 21:42 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-12-11 01:44 . 2012-10-04 21:42 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-12-11 01:44 . 2013-12-11 00:44 9272200 ----a-w- c:\windows\system32\FlashPlayerInstaller.exe
2013-11-18 02:52 . 2013-11-18 02:53 37664 ----a-w- c:\windows\system32\drivers\avgtpx86.sys
2013-11-14 22:50 . 2013-12-12 09:01 1806848 ----a-w- c:\windows\system32\jscript9.dll
2013-11-14 22:42 . 2013-12-12 09:01 1129472 ----a-w- c:\windows\system32\wininet.dll
2013-11-14 22:42 . 2013-12-12 09:01 1427968 ----a-w- c:\windows\system32\inetcpl.cpl
2013-11-14 22:38 . 2013-12-12 09:01 142848 ----a-w- c:\windows\system32\ieUnatt.exe
2013-11-14 22:38 . 2013-12-12 09:01 420864 ----a-w- c:\windows\system32\vbscript.dll
2013-11-14 22:35 . 2013-12-12 09:01 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-10-11 01:06 . 2012-11-01 16:23 261600 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\~\Browser Helper Objects\{1eea7b7d-cc79-406b-a19b-7791b69cc663}]
2010-07-22 13:54 643072 ----a-w- c:\progra~1\RETROG~2\bar\1.bin\6hbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\~\Browser Helper Objects\{548f6736-8fe4-4680-82f2-170d6c07e1d2}]
2010-10-03 15:31 2735200 ----a-w- c:\program files\TranslatorBar_1.2\tbTra1.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\~\Browser Helper Objects\{7b13ec3e-999a-4b70-b9cb-2617b8323822}]
2011-01-28 20:37 2735200 ----a-w- c:\program files\Zynga\tbZyn1.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{7b13ec3e-999a-4b70-b9cb-2617b8323822}"= "c:\program files\Zynga\tbZyn1.dll" [2011-01-28 2735200]
"{548f6736-8fe4-4680-82f2-170d6c07e1d2}"= "c:\program files\TranslatorBar_1.2\tbTra1.dll" [2010-10-03 2735200]
"{4d96ce9c-9788-44a5-bfbc-45e4e745afb5}"= "c:\program files\RetrogamerIE\bar\1.bin\6hbar.dll" [2010-07-22 643072]
.
[HKEY_CLASSES_ROOT\clsid\{7b13ec3e-999a-4b70-b9cb-2617b8323822}]
.
[HKEY_CLASSES_ROOT\clsid\{548f6736-8fe4-4680-82f2-170d6c07e1d2}]
.
[HKEY_CLASSES_ROOT\clsid\{4d96ce9c-9788-44a5-bfbc-45e4e745afb5}]
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{7B13EC3E-999A-4B70-B9CB-2617B8323822}"= "c:\program files\Zynga\tbZyn1.dll" [2011-01-28 2735200]
"{548F6736-8FE4-4680-82F2-170D6C07E1D2}"= "c:\program files\TranslatorBar_1.2\tbTra1.dll" [2010-10-03 2735200]
.
[HKEY_CLASSES_ROOT\clsid\{7b13ec3e-999a-4b70-b9cb-2617b8323822}]
.
[HKEY_CLASSES_ROOT\clsid\{548f6736-8fe4-4680-82f2-170d6c07e1d2}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]
"Browser Infrastructure Helper"="c:\users\Caila.Home-PC\AppData\Local\Smartbar\Application\SnapDo.exe" [2013-12-22 21024]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"KBD"="c:\program files\Hewlett-Packard\KBD\KbdStub.EXE" [2008-07-21 12288]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-11-18 13683232]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-11-18 92704]
"TSMAgent"="c:\program files\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe" [2008-12-15 1152296]
"CLMLServer for HP TouchSmart"="c:\program files\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe" [2008-12-15 189736]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-10-15 49152]
"WinampAgent"="c:\program files\Winamp\winampa.exe" [2006-02-23 35328]
"TVAgent"="c:\program files\Hewlett-Packard\Media\TV\TVAgent.exe" [2009-04-23 206120]
"DVDAgent"="c:\program files\Hewlett-Packard\Media\DVD\DVDAgent.exe" [2008-11-28 1148200]
"hpqSRMon"="c:\program files\HP\Digital Imaging\bin\hpqSRMon.exe" [2007-08-22 80896]
"TkBellExe"="c:\program files\real\realplayer\Update\realsched.exe" [2010-12-05 274608]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2013-05-01 421888]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2014-01-20 152392]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2013-10-23 948440]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2007-10-14 214360]
McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\3.8.130\SSScheduler.exe [2013-9-6 273296]
simplicheck.lnk - c:\program files\simplitec\simplicheck\simplicheck.exe -timer [2012-9-21 2936168]
WinZip Quick Pick.lnk - c:\program files\WinZip\WZQKPICK.EXE [2009-10-13 495432]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SymEFA.sys]
@="FSFilter Activity Monitor"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
R2 AdobeActiveFileMonitor7.0;Adobe Active File Monitor V7;c:\program files\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe [x]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-01-31 23:02 1211672 ----a-w- c:\program files\Google\Chrome\Application\32.0.1700.102\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2014-02-05 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-10-04 01:44]
.
2014-02-05 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2014-01-31 23:01]
.
2014-02-05 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2014-01-31 23:01]
.
2010-10-11 c:\windows\Tasks\HPCeeScheduleForLaurie.job
- c:\program files\hewlett-packard\sdp\ceement\HPCEE.exe [2009-03-17 03:01]
.
2014-01-12 c:\windows\Tasks\PCDRScheduledMaintenance.job
- c:\program files\PC-Doctor for Windows\pcdr5cuiw32.exe [2008-11-05 18:23]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://feed.snapdo.com/?publisher=AdKnowledgeYB&dpid=AdKnowledgeYB&co=US&userid=d240f276-3738-3939-63ad-a329dd4133f0&searchtype=hp&installDate=04/02/2014
mStart Page = hxxp://www.google.com
uInternet Settings,ProxyOverride = <-loopback>
uInternet Settings,ProxyServer = http=127.0.0.1:63017;https=127.0.0.1:63017
uSearchAssistant = hxxp://feed.snapdo.com/?publisher=AdKnowledgeYB&dpid=AdKnowledgeYB&co=US&userid=d240f276-3738-3939-63ad-a329dd4133f0&searchtype=ds&q={searchTerms}&installDate=04/02/2014
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~4\Office12\EXCEL.EXE/3000
IE: {{0F7195C2-6713-4d93-A1BC-DA5FA33F0A65} - {E601996F-E400-41CA-804B-CD6373A7EEE2} - c:\program files\kikin\ie_kikin.dll
TCP: DhcpNameServer = 97.64.209.36 97.64.168.13
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} -
DPF: {4F29DE54-5EB7-4D76-B610-A86B5CD2A234} - hxxp://archives.gametap.com/static/cab_headless/GameTapWebPlayer.cab
FF - ProfilePath - c:\users\Caila.Home-PC\AppData\Roaming\Mozilla\Firefox\Profiles\y7ng6mir.default\
FF - prefs.js: browser.startup.homepage - hxxp://feed.snapdo.com/?publisher=AdKnowledgeYB&dpid=AdKnowledgeYB&co=US&userid=d240f276-3738-3939-63ad-a329dd4133f0&searchtype=hp&installDate=04/02/2014
FF - prefs.js: browser.search.selectedEngine - Web Search
FF - prefs.js: keyword.URL - hxxp://feed.snapdo.com/?publisher=AdKnowledgeYB&dpid=AdKnowledgeYB&co=US&userid=d240f276-3738-3939-63ad-a329dd4133f0&searchtype=ds&installDate=04/02/2014&q=
FF - ExtSQL: 2014-01-20 11:28; quickprint@hp.com; c:\program files\Hewlett-Packard\SmartPrint\QPExtension
FF - ExtSQL: 2014-01-20 16:09; {4ED1F68A-5463-4931-9384-8FFF5ED91D92}; c:\program files\McAfee\SiteAdvisor
FF - ExtSQL: 2014-01-20 16:41; ackgooaouea@vpzopmbt.com; c:\users\Caila.Home-PC\AppData\Roaming\Mozilla\Firefox\Profiles\y7ng6mir.default\extensions\ackgooaouea@vpzopmbt.com
FF - ExtSQL: 2014-01-20 16:41; addon@bazaarfriend.com; c:\users\Caila.Home-PC\AppData\Roaming\Mozilla\Firefox\Profiles\y7ng6mir.default\extensions\addon@bazaarfriend.com
FF - ExtSQL: 2014-01-20 16:41; aziog@oyjndsyp.org; c:\users\Caila.Home-PC\AppData\Roaming\Mozilla\Firefox\Profiles\y7ng6mir.default\extensions\aziog@oyjndsyp.org
.
- - - - ORPHANS REMOVED - - - -
.
BHO-{201f27d4-3704-41d6-89c1-aa35e39143ed} - c:\program files\AskBarDis\bar\bin\askBar.dll
BHO-{313a832a-aaf3-4880-a8d0-c42bee319c02} - (no file)
BHO-{38542454-dfb6-44f5-b052-d4e071a3d073} - (no file)
BHO-{85F5CF95-EC8F-49fc-BB3F-38C79455CBA2} - c:\program files\alotappbar\bin\BHO\alotappbarBHO.dll
BHO-{E601996F-E400-41CA-804B-CD6373A7EEE2} - c:\program files\kikin\ie_kikin.dll
Toolbar-{3041d03e-fd4b-44e0-b742-2d9b88305f98} - c:\program files\AskBarDis\bar\bin\askBar.dll
Toolbar-{A531D99C-5A22-449b-83DA-872725C6D0ED} - c:\program files\alotappbar\bin\alotappbar.dll
Toolbar-10 - (no file)
WebBrowser-{3041D03E-FD4B-44E0-B742-2D9B88305F98} - c:\program files\AskBarDis\bar\bin\askBar.dll
HKCU-Run-HPADVISOR - (no file)
HKCU-Run-swg - c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
HKCU-Run-iMesh - c:\program files\iMesh Applications\iMesh\iMesh.exe
HKLM-Run-hpsysdrv - c:\program files\hewlett-packard\HP odometer\hpsysdrv.exe
HKLM-Run-HP Health Check Scheduler - c:\program files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
HKLM-Run-UpdateP2GoShortCut - c:\program files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe
HKLM-Run-UpdateLBPShortCut - c:\program files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe
HKLM-Run-UpdatePDIRShortCut - c:\program files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe
HKLM-Run-UpdatePSTShortCut - c:\program files\CyberLink\CyberLink DVD Suite Deluxe\MUITransfer\MUIStartMenu.exe
HKLM-Run-SmartMenu - c:\program files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
HKLM-Run-AppleSyncNotifier - c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
HKLM-Run-SelectRebates - c:\program files\SelectRebates\SelectRebates.exe
HKLM-Run-SunJavaUpdateSched - c:\program files\Common Files\Java\Java Update\jusched.exe
HKLM-Run-Adobe Reader Speed Launcher - c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe
HKLM-Run-Adobe ARM - c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
HKLM-Run-vProt - c:\program files\AVG SafeGuard toolbar\vprot.exe
HKLM-Run-mobilegeni daemon - c:\program files\Mobogenie\DaemonProcess.exe
c:\users\Caila\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LimeWire On Startup.lnk - c:\program files\LimeWire\LimeWire.exe -startup
SafeBoot-WudfPf
SafeBoot-WudfRd
AddRemove-Adobe AIR - c:\program files\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe
AddRemove-Agere Systems Soft Modem - c:\windows\agrsmdel
AddRemove-alotAppbar - c:\program files\alotappbar\alotUninst.exe
AddRemove-Ask Toolbar_is1 - c:\program files\AskBarDis\unins000.exe
AddRemove-AVG SafeGuard toolbar - c:\program files\AVG SafeGuard toolbar\UNINSTALL.exe
AddRemove-BabylonToolbar - c:\program files\BabylonToolbar\BabylonToolbar\1.8.3.8\GUninstaller.exe
AddRemove-Elf_1.11 Toolbar - c:\program files\Elf_1.11\UninstallerUI.exe
AddRemove-Elf_1.12 Toolbar - c:\progra~1\Elf_1.12\UNWISE.EXE
AddRemove-MyScribe - c:\program files\CafeScribe\MyScribe\uninstall.exe
AddRemove-pywin32-py2.6 - c:\program files\Python\Removepywin32.exe
AddRemove-Search Toolbar - c:\program files\Search Toolbar\SearchToolbarUninstall.exe
AddRemove-Zynga Toolbar - c:\progra~1\UNWISE.EXE
AddRemove-{0E08BAC8-845B-4327-8CDB-4B0F8C9857A5}_is1 - c:\program files\FLV Media Player\unins000.exe
AddRemove-{2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\Google\Google Toolbar\Component\GoogleToolbarManager_231F3FD17DB59CFD.exe
AddRemove-{86C0E2A3-1EDA-4F01-A43D-80DA8642813C}_is1 - c:\program files\GameTap Web Player\unins000.exe
AddRemove-{E4A71A41-BCC8-480a-9E69-0DA29CBA7ECA} - c:\program files\kikin\uninst.exe
AddRemove-iMesh - c:\program files\iMesh Applications\iMesh\uninstall.exe
.
.
.
**************************************************************************
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
mobilegeni daemon = c:\program files\Mobogenie\DaemonProcess.exe?????????????????????????????????????????????????????????????????????????????????????
.
scanning hidden files ...
.
scan completed successfully
hidden files:
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\Norton Internet Security]
"ImagePath"="\"c:\program files\Norton Internet Security\Engine\16.8.0.41\ccSvcHst.exe\" /s \"Norton Internet Security\" /m \"c:\program files\Norton Internet Security\Engine\16.8.0.41\diMaster.dll\" /prefetch:1"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\PCD5SRVC{BD6912E3-AC9D80E8-05040000}]
"ImagePath"="\??\c:\progra~1\PC-DOC~1\PCD5SRVC.pkms"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\{55662437-DA8C-40c0-AADA-2C816A897A49}]
"ImagePath"="\??\c:\program files\Hewlett-Packard\Media\DVD\000.fcl"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.shtml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xht\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xhtml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\nvvsvc.exe
c:\program files\Microsoft Security Client\MsMpEng.exe
c:\program files\LSI SoftModem\agrsmsvc.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\progra~1\HOWTOS~2\bar\1.bin\8ebarsvc.exe
c:\progra~1\mcafee\SITEAD~1\mcsacore.exe
c:\program files\Norton Internet Security\Engine\16.8.0.41\ccSvcHst.exe
c:\progra~1\RETROG~2\bar\1.bin\6hbarsvc.exe
c:\program files\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe
c:\program files\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe
c:\program files\Workshare\Modules\Workshare.Protect.Svc.exe
c:\program files\Yontoo\Y2Desktop.Updater.exe
c:\windows\System32\WUDFHost.exe
c:\windows\system32\rundll32.exe
c:\windows\system32\rundll32.exe
c:\windows\System32\rundll32.exe
c:\program files\iPod\bin\iPodService.exe
c:\program files\Hewlett-Packard\KBD\kbd.exe
c:\program files\Microsoft Security Client\MpCmdRun.exe
c:\program files\Microsoft Security Client\MpCmdRun.exe
c:\program files\Microsoft Security Client\MpCmdRun.exe
c:\windows\system32\sdclt.exe
c:\windows\servicing\TrustedInstaller.exe
.
**************************************************************************
.
Completion time: 2014-02-04 21:56:39 - machine was rebooted
ComboFix-quarantined-files.txt 2014-02-05 03:55
.
Pre-Run: 301,097,574,400 bytes free
Post-Run: 313,215,107,072 bytes free
.
- - End Of File - - A1F7EC2C448D9E01D502476482DB2726
03BA8F890B47C0BE359A4D5A636D214D

 

[Broni]

You didn't follow my previous instructions:

You're running two AV programs, MSE and Norton.
You must uninstall one of them.
If Norton use this tool: http://www.majorgeeks.com/files/details/norton_removal_tool.html

Why?

 

[caila]

I did follow that and it said the program was uninstalled (I uninstalled Norton) or it said I did, I'll try again

 

[Broni]

Did you use Norton Removal Tool?

 

[caila]

Yes, I just used it again and it said it was removed and restarted my computer so I think it worked

 

[Broni]

OK.
How is computer doing?

Uninstall McAfee Security Scan Plus, typical foistware.

Please download AdwCleaner by Xplode onto your desktop.

• Close all open programs and internet browsers.
• Double click on adwcleaner.exe to run the tool.
• Click on Scan button.
• When the scan has finished click on Clean button.
• Your computer will be rebooted automatically. A text file will open after the restart.
• Please post the contents of that logfile with your next reply.
• You can find the logfile at C:\AdwCleaner[S1].txt as well.

Please download Junkware Removal Tool to your desktop.

• Shut down your protection software now to avoid potential conflicts.
• Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
• The tool will open and start scanning your system.
• Please be patient as this can take a while to complete depending on your system's specifications.
• On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
• Post the contents of JRT.txt into your next message.

Download OTL to your Desktop.
Alternate download: http://www.itxassociates.com/OT-Tools/OTL.exe

• Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
• Click the Scan All Users checkbox.
• Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
• When the scan completes, it will open two notepad windows: OTL.txt and Extras.txt. These are saved in the same location as OTL.
• Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post them back here.

 

[caila]

# AdwCleaner v3.018 - Report created 05/02/2014 at 10:34:32
# Updated 28/01/2014 by Xplode
# Operating System : Windows Vista (TM) Home Premium Service Pack 2 (32 bits)
# Username : Caila - HOME-PC
# Running from : C:\Users\Caila.Home-PC\Downloads\adwcleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [64ffxtbr@TelevisionFanatic.com]
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [m3ffxtbr@mywebsearch.com]
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Browser Infrastructure Helper]
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\IEHelperv2.5.0.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\YontooIEClient.DLL
Key Deleted : HKLM\SOFTWARE\Classes\Applications\ilividsetupv1.exe
Key Deleted : HKLM\SOFTWARE\Classes\Babylon.dskBnd
Key Deleted : HKLM\SOFTWARE\Classes\Babylon.dskBnd.1
Key Deleted : HKLM\SOFTWARE\Classes\bbylnApp.appCore
Key Deleted : HKLM\SOFTWARE\Classes\bbylnApp.appCore.1
Key Deleted : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr
Key Deleted : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr.1
Key Deleted : HKLM\SOFTWARE\Classes\Conduit.Engine
Key Deleted : HKLM\SOFTWARE\Classes\CShared.TB4Client
Key Deleted : HKLM\SOFTWARE\Classes\CShared.TB4Script
Key Deleted : HKLM\SOFTWARE\Classes\CShared.TB4Server
Key Deleted : HKLM\SOFTWARE\Classes\CShared.TB4Server2
Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane
Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.bandobjectattribute
Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.bho
Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.dockingpanel
Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.iesmartbar
Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.iesmartbarbandobject
Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.smartbardisplaystate
Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.smartbarmenuform
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Key Deleted : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\inbox
Key Deleted : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\rebinfo
Key Deleted : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
Key Deleted : HKLM\SOFTWARE\Classes\RebateInf.RebateInfObj
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Api
Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Api.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows Media\Wmsdk\Sources [F3PopularScreenSavers]
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\mypc backup
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\post platform [FunWebProducts]
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WajamUpdater
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WsysSvc
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2391419
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2438727
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2857571
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2857572
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{01994268-3C10-4044-A1EA-7A9C1B739A11}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4FBBF769-ECEB-420A-B536-133B1D505C36}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02C9C7B0-C7C8-4AAC-A9E4-55295BF60F8F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{0398B101-6DA7-473F-A290-17D2FBC88CC0}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{0702A2B6-13AA-4090-9E01-BCDC85DD933F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{08993A7C-E764-4172-9627-BFB5EA6897B2}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{0CC36196-8589-4B80-A771-D659411D7F90}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{128A6C66-AC6A-4617-8268-AB7F47B7215E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{143D96F9-EB64-48B3-B192-91C2C41A1F43}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{14F7D91F-F669-45C9-9F42-BACBFDB86EAD}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{183643C8-EE67-4574-9A38-927852E34163}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{187A6488-6E71-4A2A-B118-7BEFBFE58257}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1E0DE227-5CE4-4EA3-AB0C-8B03E1AA76BC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2D065204-A024-4C39-8A38-EE7078EC7ACF}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{30F5476C-677B-4DB0-B397-51F5BFD86840}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3223F2FB-D9B9-45FC-9D66-CD717FFA4EE5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{351798B1-C1D2-45AB-92B4-4D6C2D6AB5AF}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{37540F19-DD4C-478B-B2DF-C19281BCAF27}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3AEA1BEF-6195-46F4-ACA2-0ED14F7EFA1B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3BF72F68-72D8-461D-A884-329D936C5581}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3D7F9AC3-BAC3-4E51-81D7-D121D79E550A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4498C5E9-93C6-4142-B6BE-F0C6DC48B77A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{479BF2D6-E362-4A99-B1AB-BC764D7B97AE}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{492A108F-51D0-4BD8-899D-AD4AB2893064}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4B6D6E60-FBD2-4E79-BF4B-886BC98F1797}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4EF645BD-65B0-4F98-AD56-D0437B7045F6}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{54ECA872-DB2A-4C6B-BBB2-F3777C6786CC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{571715D7-3395-4DF0-B43C-784836209E60}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{60893E02-2E5B-43F9-A93A-BAD60C2DF6EF}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{612AD33D-9824-4E87-8396-92374E91C4BB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{622FD888-4E91-4D68-84D4-7262FD0811BF}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{67FA02C4-AB30-4E77-A640-78EE8EC8673B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6D39931F-451E-4BDD-BAF4-37FB96DBBA5D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{761F6A83-F007-49E4-8EAC-CDB6808EF06F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{76C45B18-A29E-43EA-AAF8-AF55C2E1AE17}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{76C684D2-C35D-4284-976A-D862F53ADB81}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{78E9D883-93CD-4072-BEF3-38EE581E2839}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{796D822A-C3F9-4A97-BAAB-42FE7628EA63}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{799391D3-EB86-4BAC-9BD3-CBFEA58A0E15}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{79EF3691-EC1A-4705-A01A-D2E36EC11758}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7E84186E-B5DE-4226-8A66-6E49C6B511B4}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{82F41418-8E64-47EB-A7F1-4702A974D289}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{83AC1413-FCE4-4A46-9DD5-4F31F306E71F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{85D920CE-63A7-46DC-8992-41D1D2E07FAD}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8736C681-37A0-40C6-A0F0-4C083409151C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{895ED5E8-ABB4-40C3-A0CA-2571964268E2}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8AAC123A-1959-4A45-BFC5-E2D50783098A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{96EF404C-24C7-43D0-9096-4CCC8BB7CCAC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{97720195-206A-42AE-8E65-260B9BA5589F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{97D69524-BB57-4185-9C7F-5F05593B771A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{986F7A5A-9676-47E1-8642-F41F8C3FCF82}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{98889811-442D-49DD-99D7-DC866BE87DBC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{99066096-8989-4612-841F-621A01D54AD7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A07956CD-81F8-4A03-B524-5D87E690DC83}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B0DE3308-5D5A-470D-81B9-634FC078393B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B18788A4-92BD-440E-A4D1-380C36531119}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B5E3B26B-6E5C-4865-A63D-58D04B10E245}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B84D2DC5-42B2-4E5E-BF61-7B48152FF8EF}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B89D5309-0367-4494-A92F-3D4C94F88307}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C014EBF8-8854-448B-B5A4-557C4090EDCE}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C31191DB-2F64-464C-B97C-6AC81ACB7AAC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C342C7A7-F622-4EF3-8B7F-ABB9FBE73F14}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C4765B07-BC2F-477B-925C-B2BF24887823}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C875C0A1-09E3-48D5-9F8E-BD337796FD14}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CD126DA6-FF5B-4181-AC13-54A62240D2FA}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D858DAFC-9573-4811-B323-7011A3AA7E61}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DB35C569-5624-4CFC-8043-E5139F55A073}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DD438708-AAB4-422D-A322-B619589F5680}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E812AE43-7799-4E67-8CF8-4104297A2D16}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F0BAAEC7-9AE0-49FF-9C4B-86E774FF397F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F773BB94-6C19-4643-A570-0E429103D1C3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F92193FD-2243-4401-9ACC-49FF30885898}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FD21B8A2-910B-45AC-9C10-45E6A8B84984}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FE9271F2-6EFD-44B0-A826-84C829536E93}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FFB9ADCB-8C79-4C29-81D3-74D46A93D370}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{548F6736-8FE4-4680-82F2-170D6C07E1D2}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B97DCBCA-CEC4-4B26-9306-71FB3B0E321F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7B13EC3E-999A-4B70-B9CB-2617B8323822}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6329366E-B861-4024-8AE0-22F5DCD89F7F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{01C78433-6FDF-4E5A-A82D-B535C32E03DF}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{07B18EAC-A523-4961-B6BB-170DE4475CCA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1093995A-BA37-41D2-836E-091067C4AD17}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{120927BF-1700-43BC-810F-FAB92549B390}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{17DE5E5E-BFE3-4E83-8E1F-8755795359EC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1F52A5FA-A705-4415-B975-88503B291728}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{247A115F-06C2-4FB3-967D-2D62D3CF4F0A}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{28C3737A-32D1-492D-B76B-8D75EBBFB887}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2E3537FC-CF2F-4F56-AF54-5A6A3DD375CC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2E9937FC-CF2F-4F56-AF54-5A6A3DD375CC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3E1656ED-F60E-4597-B6AA-B6A58E171495}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3E53E2CB-86DB-4A4A-8BD9-FFEB7A64DF82}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3E720451-B472-4954-B7AA-33069EB53906}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3E720453-B472-4954-B7AA-33069EB53906}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{41349826-5C7F-4BF0-8279-5DAF1DE6E9AE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4634804A-F0B0-4A74-A550-FC0EEF8A4362}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4C07EA4F-5F52-4222-B170-4CD9ED33BAEA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{604EA016-1EDE-41E6-A23E-76CF8F2A4808}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{63D0ED2B-B45B-4458-8B3B-60C69BBBD83C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{63D0ED2D-B45B-4458-8B3B-60C69BBBD83C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6E74766C-4D93-4CC0-96D1-47B8E07FF9CA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{706D4A4B-184A-4434-B331-296B07493D2D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{72EE7F04-15BD-4845-A005-D6711144D86A}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{741DE825-A6F0-4497-9AA6-8023CF9B0FFF}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7473D291-B7BB-4F24-AE82-7E2CE94BB6A9}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7473D293-B7BB-4F24-AE82-7E2CE94BB6A9}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7473D295-B7BB-4F24-AE82-7E2CE94BB6A9}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7473D297-B7BB-4F24-AE82-7E2CE94BB6A9}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8BE10F21-185F-4CA0-B789-9921674C3993}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{90449521-D834-4703-BB4E-D3AA44042FF8}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{94C0B25D-3359-4B10-B227-F96A77DB773F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{991AAC62-B100-47CE-8B75-253965244F69}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A626CDBD-3D13-4F78-B819-440A28D7E8FC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B173667F-8395-4317-8DD6-45AD1FE00047}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B32672B3-F656-46E0-B584-FE61C0BB6037}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B3BA5582-79A9-464D-A7FA-711C5888C6E9}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BBABDC90-F3D5-4801-863A-EE6AE529862D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C2996524-2187-441F-A398-CD6CB6B3D020}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C44FEFF4-EF0C-4CF7-83D0-92B4266A32B9}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C776D7F4-BA85-4B75-AAFC-3A0A11FE6E36}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{CF54BE1C-9359-4395-8533-1657CF209CFE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D6FF3684-AD3B-48EB-BBB4-B9E6C5A355C1}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DE38C398-B328-4F4C-A3AD-1B5E4ED93477}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E047E227-5342-4D94-80F7-CFB154BF55BD}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25E}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E77EEF95-3E83-4BB8-9C0D-4A5163774997}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E79DFBC9-5697-4FBD-94E5-5B2A9C7C1612}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E79DFBCB-5697-4FBD-94E5-5B2A9C7C1612}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E9BBD270-4B87-4EE2-912F-6635674986C0}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EB9E5C1C-B1F9-4C2B-BE8A-27D6446FDAF8}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F131923C-381D-4E4C-A472-4A17118FD742}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F87D7FB5-9DC5-4C8C-B998-D8DFE02E2978}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FD8F79A0-D2E2-4FA2-AEAF-393EAC8064F7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660466366628}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660466416678}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{506F578A-91E1-46CE-830F-E2F4268E9966}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{615E8AA1-6BB8-4A3D-A1CC-373194DB612C}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D2E5FA06-DCC7-46F9-BEFF-BFD06F69B9B2}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D518921A-4A03-425E-9873-B9A71756821E}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{E47CAEE0-DEEA-464A-9326-3F2801535A4D}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{F42228FB-E84E-479E-B922-FBBD096E792C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{548F6736-8FE4-4680-82F2-170D6C07E1D2}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7B13EC3E-999A-4B70-B9CB-2617B8323822}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0702A2B6-13AA-4090-9E01-BCDC85DD933F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8736C681-37A0-40C6-A0F0-4C083409151C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98889811-442D-49DD-99D7-DC866BE87DBC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{548F6736-8FE4-4680-82F2-170D6C07E1D2}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7B13EC3E-999A-4B70-B9CB-2617B8323822}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{548F6736-8FE4-4680-82F2-170D6C07E1D2}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7B13EC3E-999A-4B70-B9CB-2617B8323822}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7C3B01BC-53A5-48A0-A43B-0C67731134B9}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{FD79F359-E577-46DB-AA74-D6E6B8B45BA8}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B97DCBCA-CEC4-4B26-9306-71FB3B0E321F}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{6329366E-B861-4024-8AE0-22F5DCD89F7F}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{0ABE0FED-50E7-4E42-A125-57C0A11DBCDE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{612AD33D-9824-4E87-8396-92374E91C4BB}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AC5B6CDA-8F90-4740-9A8C-28AC5D3C73FE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C42103E4-7D10-4CC9-B2B4-C546BCCF8706}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{548F6736-8FE4-4680-82F2-170D6C07E1D2}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{7B13EC3E-999A-4B70-B9CB-2617B8323822}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{4B3803EA-5230-4DC3-A7FC-33638F3D3542}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{548F6736-8FE4-4680-82F2-170D6C07E1D2}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{7B13EC3E-999A-4B70-B9CB-2617B8323822}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{548F6736-8FE4-4680-82F2-170D6C07E1D2}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{7B13EC3E-999A-4B70-B9CB-2617B8323822}]
Key Deleted : HKCU\Software\anchorfree
Key Deleted : HKCU\Software\APN DTX
Key Deleted : HKCU\Software\CToolbar
Key Deleted : HKCU\Software\dsiteproducts
Key Deleted : HKCU\Software\ilivid
Key Deleted : HKCU\Software\IM
Key Deleted : HKCU\Software\ImInstaller
Key Deleted : HKCU\Software\incredibar.com
Key Deleted : HKCU\Software\installedbrowserextensions
Key Deleted : HKCU\Software\InstalledThirdPartyPrograms
Key Deleted : HKCU\Software\Optimizer Pro
Key Deleted : HKCU\Software\smartbarbackup
Key Deleted : HKCU\Software\smartbarlog
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\torch
Key Deleted : HKCU\Software\Wajam
Key Deleted : HKCU\Software\wecarereminder
Key Deleted : HKCU\Software\TranslatorBar_1.2
Key Deleted : HKCU\Software\Zynga
Key Deleted : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKCU\Software\AppDataLow\AskBarDis
Key Deleted : HKCU\Software\AppDataLow\Toolbar
Key Deleted : HKCU\Software\AppDataLow\Software\conduitEngine
Key Deleted : HKCU\Software\AppDataLow\Software\Fun Web Products
Key Deleted : HKCU\Software\AppDataLow\Software\FunWebProducts
Key Deleted : HKCU\Software\AppDataLow\Software\MyWebSearch
Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong
Key Deleted : HKCU\Software\AppDataLow\Software\TelevisionFanatic
Key Deleted : HKCU\Software\AppDataLow\Software\TranslatorBar_1.2
Key Deleted : HKCU\Software\AppDataLow\Software\Zynga
Key Deleted : HKLM\Software\AVG Security Toolbar
Key Deleted : HKLM\Software\Babylon
Key Deleted : HKLM\Software\CToolbar
Key Deleted : HKLM\Software\Inbox Toolbar
Key Deleted : HKLM\Software\InstalledThirdPartyPrograms
Key Deleted : HKLM\Software\TranslatorBar_1.2
Key Deleted : HKLM\Software\Zynga
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\torch
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{612AD33D-9824-4E87-8396-92374E91C4BB}_is1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MyPC Backup
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Optimizer Pro_is1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\TranslatorBar_1.2 Toolbar
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{4EF645BD-65B0-4F98-AD56-D0437B7045F6}_is1
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{612AD33D-9824-4E87-8396-92374E91C4BB}_is1
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{86C0E2A3-1EDA-4F01-A43D-80DA8642813C}_is1
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{E4A71A41-BCC8-480a-9E69-0DA29CBA7ECA}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\alotAppbar
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Ask Toolbar_is1
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\BabylonToolbar
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\hblitesa
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\IMBoosterARP
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Imesh
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Iminent
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\MyPC Backup
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\mywebsearch bar uninstall
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Optimizer Pro_is1
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\SearchProtect
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\TelevisionFanaticbar Uninstall
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\torch
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Wajam
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\TranslatorBar_1.2 Toolbar
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Zynga Toolbar
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375

***** [ Browsers ] *****

-\\ Internet Explorer v9.0.8112.16526


-\\ Mozilla Firefox v16.0.1 (en-US)

[ File : C:\Users\Caila.Home-PC\AppData\Roaming\Mozilla\Firefox\Profiles\y7ng6mir.default\prefs.js ]

Line Deleted : user_pref("extensions.6h5ygmCd5.scode", "(function(){try{var url=window.self.location.href;if(url.indexOf(\"acebook\")>-1||url.indexOf(\"onduit\")>-1){return}}catch(e){};var _wlst={lsKey:\"ssjsmn2ja8d[...]
Line Deleted : user_pref("extensions.a008abed2b43a46c99a5ba771c87b82da1ad61d532bdc4484a26bb888ecae1906com43628.43628.cookie.CrossriderNotifier_channels.expiration", "Fri Feb 01 2030 00:00:00 GMT-0600 (Central Standa[...]
Line Deleted : user_pref("extensions.a008abed2b43a46c99a5ba771c87b82da1ad61d532bdc4484a26bb888ecae1906com43628.43628.cookie.CrossriderNotifier_channels.value", "%7B%22app0%22%3A%22app0%22%2C%22app43628%22%3A%22app43[...]
Line Deleted : user_pref("extensions.a008abed2b43a46c99a5ba771c87b82da1ad61d532bdc4484a26bb888ecae1906com43628.43628.cookie.CrossriderNotifier_css.expiration", "Fri Jan 31 2014 09:26:00 GMT-0600 (Central Standard Ti[...]
Line Deleted : user_pref("extensions.a008abed2b43a46c99a5ba771c87b82da1ad61d532bdc4484a26bb888ecae1906com43628.43628.cookie.CrossriderNotifier_css.value", "%22.%25CSSClass%25%20%7B%5Cn%5Ctdisplay%3Anone%3B%5Cn%7D%5C[...]
Line Deleted : user_pref("extensions.a008abed2b43a46c99a5ba771c87b82da1ad61d532bdc4484a26bb888ecae1906com43628.43628.cookie.CrossriderNotifier_geolocation.expiration", "Tue Feb 04 2014 13:37:38 GMT-0600 (Central Sta[...]
Line Deleted : user_pref("extensions.a008abed2b43a46c99a5ba771c87b82da1ad61d532bdc4484a26bb888ecae1906com43628.43628.cookie.CrossriderNotifier_geolocation.value", "%22US%22");
Line Deleted : user_pref("extensions.a008abed2b43a46c99a5ba771c87b82da1ad61d532bdc4484a26bb888ecae1906com43628.43628.cookie.CrossriderNotifier_metadata.expiration", "Fri Jan 31 2014 09:25:59 GMT-0600 (Central Standa[...]
Line Deleted : user_pref("extensions.a008abed2b43a46c99a5ba771c87b82da1ad61d532bdc4484a26bb888ecae1906com43628.43628.cookie.CrossriderNotifier_metadata.value", "%7B%22appId%22%3A43628%2C%22appName%22%3A%22weDownload[...]
Line Deleted : user_pref("extensions.a008abed2b43a46c99a5ba771c87b82da1ad61d532bdc4484a26bb888ecae1906com43628.43628.description", "Enhance your search results with direct download links and information for apps and[...]
Line Deleted : user_pref("extensions.a008abed2b43a46c99a5ba771c87b82da1ad61d532bdc4484a26bb888ecae1906com43628.43628.internaldb.Resources_meta.value", "%7B%22extension.css%22%3A%7B%22id%22%3A311159%2C%22ver%22%3A2%2[...]
Line Deleted : user_pref("extensions.a008abed2b43a46c99a5ba771c87b82da1ad61d532bdc4484a26bb888ecae1906com43628.43628.internaldb.Resources_resource_311159.value", "%22.crossrider-nofity-34345-body-theme-white-black%2[...]
Line Deleted : user_pref("extensions.crossrider.bic", "143b1d113a2fa21a980ccbdbd83b8ce5");
Line Deleted : user_pref("extensions.mywebsearch.prevDefaultEngine", "Search Results");
Line Deleted : user_pref("extensions.mywebsearch.prevKwdEnabled", true);
Line Deleted : user_pref("extensions.mywebsearch.prevKwdURL", "hxxp://dts.search-results.com/sr?src=ffb&gct=ds&appid=468&systemid=406&apn_dtid=BND406&apn_ptnrs=AG6&apn_uid=4631730952214124&o=APN10645&q=");
Line Deleted : user_pref("extensions.mywebsearch.prevSelectedEngine", "Search Results");
Line Deleted : user_pref("extensions.nY2EUP6.scode", "(function(){try{var url=window.self.location.href;if(url.indexOf(\"acebook\")>-1||url.indexOf(\"onduit\")>-1){return}}catch(e){};var _wlst={lsKey:\"ssjsmn2ja8ddw[...]
Line Deleted : user_pref("extensions.toolbar.mindspark._8eMembers_.homepage", "hxxp://home.tb.ask.com/index.jhtml?ptb=88DFCF9F-46E7-43E7-ACAA-509621A36114&n=780b6270&p2=^AW6^xdm002^YYA^us&si=CLXLr8rhyLkCFVNo7Aod0gMA[...]
Line Deleted : user_pref("extensions.toolbar.mindspark._8eMembers_.hp.enabled", true);
Line Deleted : user_pref("extensions.toolbar.mindspark._8eMembers_.initialized", true);
Line Deleted : user_pref("extensions.toolbar.mindspark._8eMembers_.installation.contextKey", "");
Line Deleted : user_pref("extensions.toolbar.mindspark._8eMembers_.installation.installDate", "2014012016");
Line Deleted : user_pref("extensions.toolbar.mindspark._8eMembers_.installation.partnerId", "^AW6^xdm002^YYA^us");
Line Deleted : user_pref("extensions.toolbar.mindspark._8eMembers_.installation.partnerSubId", "CLXLr8rhyLkCFVNo7Aod0gMALA");
Line Deleted : user_pref("extensions.toolbar.mindspark._8eMembers_.installation.success", true);
Line Deleted : user_pref("extensions.toolbar.mindspark._8eMembers_.installation.toolbarId", "88DFCF9F-46E7-43E7-ACAA-509621A36114");
Line Deleted : user_pref("extensions.toolbar.mindspark._8eMembers_.lastActivePing", "1391094630696");
Line Deleted : user_pref("extensions.toolbar.mindspark._8eMembers_.options.defaultSearch", true);
Line Deleted : user_pref("extensions.toolbar.mindspark._8eMembers_.options.homePageEnabled", true);
Line Deleted : user_pref("extensions.toolbar.mindspark._8eMembers_.options.keywordEnabled", true);
Line Deleted : user_pref("extensions.toolbar.mindspark._8eMembers_.options.tabEnabled", true);
Line Deleted : user_pref("extensions.toolbar.mindspark._8eMembers_.weather.location", "33101");
Line Deleted : user_pref("extensions.toolbar.mindspark.hp.enabled", true);
Line Deleted : user_pref("extensions.toolbar.mindspark.hp.enabled.guid", "howtosimplified@mindspark.com");
Line Deleted : user_pref("extensions.toolbar.mindspark.lastInstalled", "howtosimplified@mindspark.com");
Line Deleted : user_pref("browser.search.selectedEngine", "Web Search");

-\\ Google Chrome v32.0.1700.102

[ File : C:\Users\Caila.Home-PC\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [56637 octets] - [05/02/2014 10:29:45]
AdwCleaner[R1].txt - [39102 octets] - [05/02/2014 10:33:41]
AdwCleaner[S0].txt - [4445 octets] - [05/02/2014 10:30:41]
AdwCleaner[S1].txt - [39898 octets] - [05/02/2014 10:34:32]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [39959 octets] ##########

 

[caila]

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.1 (02.04.2014:1)
OS: Windows Vista (TM) Home Premium x86
Ran by Caila on Wed 02/05/2014 at 10:40:34.71
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-21-4029578848-2330232405-1189657799-1002\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search\\Default_Search_URL
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchURL\\Default
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\searchURL\\Default
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search\\SearchAssistant



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{A2DF06F9-A21A-44A8-8A99-8B9C84F29160}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{22222222-2222-2222-2222-220422362228}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{22222222-2222-2222-2222-220422412278}



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\wincert"
Successfully deleted: [Folder] "C:\ProgramData\youtubeadblocker"
Successfully deleted: [Folder] "C:\Users\Caila.Home-PC\AppData\Roaming\pcpowerspeed"
Successfully deleted: [Folder] "C:\Users\Caila.Home-PC\appdata\local\browsersafeguard"
Successfully deleted: [Folder] "C:\Users\Caila.Home-PC\appdata\locallow\datamngr"



~~~ FireFox

Successfully deleted: [Folder] C:\Users\Caila.Home-PC\AppData\Roaming\mozilla\firefox\profiles\y7ng6mir.default\extensions\afext@anchorfree.com
Successfully deleted: [Folder] C:\Users\Caila.Home-PC\AppData\Roaming\mozilla\firefox\profiles\y7ng6mir.default\extensions\staged
Successfully deleted the following from C:\Users\Caila.Home-PC\AppData\Roaming\mozilla\firefox\profiles\y7ng6mir.default\prefs.js

user_pref("browser.startup.homepage", "hxxp://feed.snapdo.com/?publisher=AdKnowledgeYB&dpid=AdKnowledgeYB&co=US&userid=d240f276-3738-3939-63ad-a329dd4133f0&searchtype=hp&insta
user_pref("keyword.URL", "hxxp://feed.snapdo.com/?publisher=AdKnowledgeYB&dpid=AdKnowledgeYB&co=US&userid=d240f276-3738-3939-63ad-a329dd4133f0&searchtype=ds&installDate=04/02/
user_pref("browser.newtab.url", "hxxp://feed.snapdo.com/?publisher=AdKnowledgeYB&dpid=AdKnowledgeYB&co=US&userid=d240f276-3738-3939-63ad-a329dd4133f0&searchtype=nt&installDate
Emptied folder: C:\Users\Caila.Home-PC\AppData\Roaming\mozilla\firefox\profiles\y7ng6mir.default\minidumps [8 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Wed 02/05/2014 at 10:43:25.24
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

[caila]

OTL Extras logfile created on: 2/5/2014 10:46:14 AM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Caila.Home-PC\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.87 Gb Total Physical Memory | 1.71 Gb Available Physical Memory | 59.62% Memory free
5.96 Gb Paging File | 4.70 Gb Available in Paging File | 78.80% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 454.48 Gb Total Space | 286.37 Gb Free Space | 63.01% Space Free | Partition Type: NTFS
Drive D: | 11.28 Gb Total Space | 1.58 Gb Free Space | 14.00% Space Free | Partition Type: NTFS
Drive E: | 4.31 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF

Computer Name: HOME-PC | User Name: Caila | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)

[HKEY_USERS\.DEFAULT\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

[HKEY_USERS\S-1-5-18\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

[HKEY_USERS\S-1-5-21-4029578848-2330232405-1189657799-1004\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\Winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\Winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\Winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{145EBBEF-EA9F-4987-BAD3-E0B4BB7ED742}" = rport=139 | protocol=6 | dir=out | app=system |
"{22549371-2557-42B8-9F3D-94D82DE950C1}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
"{516DE6FB-BAA0-4237-9AF2-00ADD4A17D10}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{558E6FCB-DFBF-4A1F-A11E-82E92BF155FF}" = lport=137 | protocol=17 | dir=in | app=system |
"{56DC65BC-70DD-4CFB-B44E-047C31CADD8A}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{69C3FBD0-ECF7-4A55-9C86-8B7944F4C95B}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{716EAAF8-93C8-40AD-AD20-F662477AB8B6}" = lport=445 | protocol=6 | dir=in | app=system |
"{76EAEDBE-9E9B-4B99-B16B-D16075D0DD32}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{855873D7-5819-4571-BE64-389F9603CA9B}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{88C6A4B6-954B-4C66-8170-6E1668F78F35}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{A79D0B8F-3C7D-4B91-8DF9-579CC38F1AFB}" = rport=138 | protocol=17 | dir=out | app=system |
"{B6EC4C2A-5734-40F2-9FF4-856065481454}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{B7F9F61E-FE20-413E-9B84-6D9332C8E71E}" = lport=139 | protocol=6 | dir=in | app=system |
"{BAC4C2DD-FF74-4869-9023-5F21CF1E7367}" = rport=137 | protocol=17 | dir=out | app=system |
"{BD20F99F-3441-433D-80B1-C9D0D7D1CE33}" = rport=445 | protocol=6 | dir=out | app=system |
"{BEA7AADE-8BBE-4174-AA35-8FB3F9F05880}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{F1F90741-043D-46F8-98C5-319B6E15F613}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{F4FEF094-7499-4C59-B822-C47790E0A7F3}" = lport=138 | protocol=17 | dir=in | app=system |
"{FCB2C7A9-FF6E-4C04-92A2-1C64983FEAC2}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{07CF35B7-37EA-42FB-AF03-1EA402101DF3}" = protocol=17 | dir=in | app=c:\program files\limewire\limewire.exe |
"{07F2BD0E-3D4F-4178-878E-DE55F6369D5D}" = dir=in | app=c:\program files\hewlett-packard\media\dvd\kernel\clml\clmlsvc.exe |
"{09DC7577-FD3E-4C20-9793-3D9992C15D05}" = dir=in | app=c:\program files\hewlett-packard\touchsmart\media\hptouchsmartvideo.exe |
"{1B51E8EA-29FA-4A89-83C6-F56EA3BA3183}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{1B8869DE-7A5C-458C-B187-CA2464D2129C}" = dir=in | app=c:\program files\iminent\iminent.messengers.exe |
"{1BB71D99-5518-4D1C-854B-0A677A183FA0}" = dir=in | app=c:\program files\hewlett-packard\media\dvd\hptouchsmartphoto.exe |
"{1BD5991D-32BB-4A03-93CC-D54E17D9C101}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{31E90B06-A3CB-46B1-8113-F9CBB22DD77B}" = protocol=17 | dir=in | app=c:\users\caila.home-pc\appdata\local\temp\7zs45e6.tmp\symnrt.exe |
"{38F17535-4E86-4383-B8EA-024AD3670E02}" = dir=in | app=c:\program files\cyberlink\powerdirector\pdr.exe |
"{3AA1B254-5D04-49F4-BEA2-7C3189679301}" = dir=in | app=c:\program files\bearshare applications\bearshare\bearshare.exe |
"{505747DA-F8F0-4113-95B2-3F2F6210FB70}" = dir=in | app=c:\users\caila.home-pc\appdata\local\gcc\controller.exe |
"{52FDDF9F-305A-41DD-BA3A-E6496F1D2328}" = protocol=6 | dir=in | app=c:\programdata\esafe\egdpsvc.exe |
"{534503D8-E9D0-42F4-968D-C88E378725C7}" = protocol=6 | dir=in | app=c:\program files\limewire\limewire.exe |
"{59307F8E-E67E-4F83-8A76-E77A03B7FAA9}" = protocol=6 | dir=in | app=c:\program files\limewire\limewire.exe |
"{5B66E0EA-D777-4F2C-BC28-C7AD4AF41F1D}" = protocol=6 | dir=in | app=c:\users\caila.home-pc\appdata\local\temp\7zs45e6.tmp\symnrt.exe |
"{66532BB5-8C93-44A6-BF0F-FEBCA1F6F86F}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{695F0853-1D8F-437D-B1C9-8685EA284FFF}" = protocol=17 | dir=in | app=c:\program files\limewire\limewire.exe |
"{7100357F-D82F-4FEB-A52F-C57698192539}" = dir=in | app=c:\program files\hewlett-packard\touchsmart\media\kernel\clml\clmlsvc.exe |
"{72904AFD-EBC2-485B-BB28-4DC909B4D61D}" = dir=in | app=c:\program files\hewlett-packard\media\tv\qpservice.exe |
"{7318BE53-16FF-4BF5-846E-378D42981DC8}" = dir=in | app=c:\program files\hewlett-packard\media\dvd\hptouchsmartphoto.exe |
"{77F402CE-5A46-43E5-932E-41D468F4AA51}" = dir=in | app=c:\program files\hewlett-packard\media\dvd\hptouchsmartvideo.exe |
"{7CAE03BF-DBB8-4EA5-9A6E-D98A652E8AAF}" = dir=in | app=c:\program files\itunes\itunes.exe |
"{7EF7674B-6CFB-4E7B-9FC5-FEA54783480C}" = dir=in | app=c:\program files\hewlett-packard\media\tv\qpservice.exe |
"{8436BAAF-D8C5-479A-B77D-B7D53FCEE26B}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{88149DBC-A818-4B2D-810F-F74CF8D39517}" = dir=in | app=c:\program files\hewlett-packard\touchsmart\media\tsmagent.exe |
"{8A366CEF-E157-45BA-B32E-7CCF886A258B}" = dir=in | app=c:\program files\hewlett-packard\media\dvd\hpdvdsmart.exe |
"{8B25820E-14DC-4EAE-B3CC-273EFF194FDB}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{92A49671-6860-4254-A633-7456E144BE01}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{9BABA9DD-A045-4151-AB52-88186C16F5C6}" = dir=in | app=c:\program files\hewlett-packard\media\dvd\tsmagent.exe |
"{9FC9940B-5F69-4AA2-BF87-73CF2C0A5EE8}" = protocol=17 | dir=in | app=c:\users\caila.home-pc\appdata\local\temp\7zsbc0f.tmp\symnrt.exe |
"{A60571AE-4996-445F-9504-ADFDE531D7AE}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{A63A0B22-493A-4696-AAC9-B1E6E655A4E2}" = dir=in | app=c:\program files\hewlett-packard\media\tv\qp.exe |
"{A85E676D-FB61-4482-BD23-43B9F0CAD52C}" = dir=in | app=c:\program files\hewlett-packard\touchsmart\media\hptouchsmartmusic.exe |
"{A98BE661-5990-4971-90F6-EF1CEC813B08}" = dir=in | app=c:\program files\hewlett-packard\media\dvd\tsmagent.exe |
"{AD77901E-B079-4520-8B34-3A697B6AF6D8}" = dir=in | app=c:\program files\hp\hp deskjet 2510 series\bin\usbsetup.exe |
"{B886792B-BB6F-48D8-83B8-FDC9D78A275C}" = protocol=6 | dir=in | app=c:\program files\frostwire\frostwire.exe |
"{B90F4379-C929-46A0-A1C0-84C2DDD25EA0}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{CA4CD933-AD17-4A4B-8DCB-DBCF45CED339}" = dir=in | app=c:\program files\hewlett-packard\media\tv\qp.exe |
"{CAFBDD04-5354-4266-9D39-637DBEE36699}" = dir=in | app=c:\program files\hewlett-packard\media\dvd\hptouchsmartmusic.exe |
"{CAFDCBD0-2960-43DC-BF87-E6252EB0C2CA}" = protocol=6 | dir=in | app=c:\program files\music toolbar\datamngr\srtool~1\ie\dtuser.exe |
"{D37B72BA-EAFD-469A-841C-A6843C1E39B5}" = dir=in | app=c:\program files\iminent\iminent.exe |
"{D507CFF7-2754-4099-A798-AE73A5ECC081}" = dir=in | app=c:\program files\hewlett-packard\touchsmart\media\hptouchsmartphoto.exe |
"{DBE4FDB7-75F9-4AF2-ADDD-816E671EFC82}" = dir=in | app=c:\program files\hewlett-packard\media\dvd\hptouchsmartmusic.exe |
"{DE88DE2F-C320-4E25-8E29-847BB6567023}" = dir=in | app=c:\program files\hewlett-packard\media\dvd\kernel\clml\clmlsvc.exe |
"{E72584B4-2B5C-44CB-B4AE-C3AF34D10F0D}" = protocol=17 | dir=in | app=c:\program files\frostwire\frostwire.exe |
"{EB5DD18E-96DC-4789-B019-7268CA07E52B}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{EFF1AB1F-1D63-4DD3-9CD7-4743FF1E6C94}" = protocol=6 | dir=in | app=c:\users\caila.home-pc\appdata\local\temp\7zsbc0f.tmp\symnrt.exe |
"{F3C44878-FAA5-4CFD-ACD1-397558803B3A}" = dir=in | app=c:\program files\hewlett-packard\media\dvd\hptouchsmartvideo.exe |
"{F4869D46-0A1D-413C-B6C3-CBC33C484F5A}" = dir=in | app=c:\program files\hewlett-packard\media\dvd\hpdvdsmart.exe |
"TCP Query User{1511B0D0-D2FE-4E63-954A-C046C081152E}C:\windows\explorer.exe" = protocol=6 | dir=in | app=c:\windows\explorer.exe |
"TCP Query User{39B2C7AF-337E-49CA-8E75-88F00BDBD18F}C:\users\michael\appdata\local\pearson vue\nclex tutorial\jre\bin\java.exe" = protocol=6 | dir=in | app=c:\users\michael\appdata\local\pearson vue\nclex tutorial\jre\bin\java.exe |
"UDP Query User{337D15F1-E0DD-4580-ACCB-A2FF41A92D1F}C:\windows\explorer.exe" = protocol=17 | dir=in | app=c:\windows\explorer.exe |
"UDP Query User{39F52100-E837-4504-9C91-DBA95726BF72}C:\users\michael\appdata\local\pearson vue\nclex tutorial\jre\bin\java.exe" = protocol=17 | dir=in | app=c:\users\michael\appdata\local\pearson vue\nclex tutorial\jre\bin\java.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{0295F89F-F698-4101-9A7D-49F407EC2D82}" = HP Active Support Library
"{03BF5CB1-B72E-4CA6-A278-F65680F05420}" = HP Picasso Media Center Add-In
"{0A5825FD-0FB7-4e45-9037-858D463F2943}" = BPDSoftware
"{0CD47142-BA4F-46B0-AA92-2675864928B8}" = Microsoft Security Client
"{0F7C2E47-089E-4d23-B9F7-39BE00100776}" = Toolbox
"{10E3A6DD-84D8-4D8A-BB11-5E5314BCA7FD}" = Apple Mobile Device Support
"{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{18669FF9-C8FE-407a-9F70-E674896B1DB4}" = GPBaseService
"{195F2C6C-A343-4b10-B1A4-3F00AB9E9DD9}" = Fax
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{1CC069FA-1A86-402E-9787-3F04E652C67A}" = HP Support Information
"{1DA007FA-6A47-426B-8813-91A8BC75EC7D}" = HP Deskjet 2510 series Product Improvement Study
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite Deluxe
"{216C7F38-4BBC-4E9A-8392-C9FA21B54386}" = HP Deskjet 2510 series Setup Guide
"{226024DE-CC99-4D20-863E-0B5F894871E2}" = Workshare Professional
"{234DADAD-3C3C-4FB1-90A4-0AF015D56E18}" = HP Deskjet 2510 series Help
"{254006BC-97DE-4C82-A1A1-A2BAD2520083}" = Snap.Do
"{254C37AA-6B72-4300-84F6-98A82419187E}" = ActiveCheck component for HP Active Support Library
"{26A24AE4-039D-4CA4-87B4-2F83216016FF}" = Java(TM) 6 Update 21
"{286B09BC-F9BD-4F71-B767-2AE0CE2F8CE5}" = ScorpionSaver Services
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{28F68316-B8F1-4E05-BADF-42DBECB40F0E}" = Iminent
"{2951A232-69BA-4925-BB9A-CEEB72B18B4F}" = BPDSoftware_Ini
"{34BFB099-07B2-4E95-A673-7362D60866A2}" = PSSWCORE
"{352310C3-E46B-42D3-8F32-54721FDD72D9}" = NetZero Preloader
"{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}" = McAfee SiteAdvisor
"{36FDBE6E-6684-462b-AE98-9A39A1B200CC}" = HPProductAssistant
"{37E0BDA5-DEAD-4116-8DC0-3F5C9A202C47}" = HP Deskjet 2510 series Basic Device Software
"{398E8625-6F3A-4C54-B54C-28F0ABB89774}" = BPD_HPSU
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"{4732D4A0-5A47-44D8-9B84-B3BD4906D30D}" = TaxCut Premium 2007
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A3D0CF8-60FF-4CEF-91A4-A1F001424602}" = DocProc
"{4FAB5122-775E-4418-B8D9-E2873BC93570}" = Microsoft Live Search Toolbar
"{50120000-1105-0000-0000-0000000FF1CE}" = Microsoft Office 2007 Primary Interop Assemblies
"{503B407F-BB93-4E18-A1A9-50F15D6B3432}" = simplitec simplicheck
"{5109C064-813E-4e87-B0DE-C8AF7B5BC02B}" = SmartWebPrintingOC
"{52A69E11-7CEB-4a7d-9607-68BA4F39A89B}" = DeviceDiscovery
"{5511C07D-A83C-45AD-92B6-42DF99729A3C}" = Adobe Photoshop Elements 7.0
"{572F2A62-70CD-4429-8758-6D4D6DC696E1}" = 4500_Help
"{5ACE69F0-A3E8-44eb-88C1-0A841E700180}" = TrayApp
"{5BB4D7C1-52F2-4BFD-9E40-0D419E2E3021}" = bpd_scan
"{616445AF-BBCF-41C1-A4D6-8CFF171C182D}" = iTunes
"{63934E99-A4F7-478C-8BB0-259BB9D78FFF}" = Microsoft Report Viewer Redistributable 2005
"{6423EF83-6E1D-4D22-A36F-689CD19FD4D2}" = Juno Preloader
"{6697D99E-E550-4498-B793-4A8DD8A1821F}" = ProductContext
"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = HPAsset component for HP Active Support Library
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{67626E09-5366-4480-8F1E-93FADF50CA15}" = HP MediaSmart TV
"{687FEF8A-8597-40b4-832C-297EA3F35817}" = BufferChm
"{6D8D64BE-F500-55B6-705D-DFD08AFE0624}" = Acrobat.com
"{6F1C00D2-25C2-4CBA-8126-AE9A6E2E9CD5}" = HP Update
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71C512A2-E620-40CD-B29D-9D8F34446F13}" = Workshare PDF Converter
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}" = Text-To-Speech-Runtime
"{7F10292C-A190-4176-A665-A1ED3478DF86}" = LightScribe System Software
"{80533B67-C407-485D-8B5D-63BB8ED9D878}" = Scan
"{87E2B986-07E8-477a-93DC-AF0B6758B192}" = DocProcQFolder
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_PROPLUSR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_PROPLUSR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_PROPLUSR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_PROPLUSR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_PROPLUSR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_PROPLUSR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_PROPLUSR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_PROPLUSR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_PROPLUSR_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_PROPLUSR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_PROPLUSR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_PROPLUSR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_PROPLUSR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91120000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2007
"{91120000-0011-0000-0000-0000000FF1CE}_PROPLUSR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{95A747E0-DF19-46CB-A622-20A0107201BD}" = HP Total Care Setup
"{97ABD26A-3249-46CB-B2E2-F66E64B2E480}" = HP Demo
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9CC89170-000B-457D-91F1-53691F85B223}" = Python 2.6.1
"{9F8D1A84-9B7E-430A-BEFA-C84C7496E226}" = NCLEX Tutorial
"{9F986C21-5D52-49EA-BAE6-23529040A2DC}" = ASPCA Reminder V7F+AU by We-Care.com
"{A0640EC2-B97E-4FC1-AD14-227C9E386BB4}" = HP Recovery Manager RSS
"{A0B9F8DF-C949-45ed-9808-7DC5C0C19C81}" = Status
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A5AB9D5E-52E2-440e-A3ED-9512E253C81A}" = SolutionCenter
"{A71D5E81-B967-43DB-93D7-FD31BFB95748}" = MobileMe Control Panel
"{A7AC8E69-01FF-494E-9A2C-423B82CEA604}" = HP MediaSmart SmartMenu
"{A922C4B7-50E0-4787-A94C-59DBF3C65DBE}" = Apple Application Support
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AAF3BF6B-BFBB-430B-9B94-F1FB7D1E155B}" = SpadeClub Poker
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AC76BA86-7AD7-1033-7B44-A95000000001}" = Adobe Reader 9.5.4
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}" = HP MediaSmart Music/Photo/Video
"{B67BAFBA-4C9F-48FA-9496-933E3B255044}" = QuickTime
"{B8AC1A89-FFD1-4F97-8051-E505A160F562}" = HP Odometer
"{B8DBED1E-8BC3-4d08-B94A-F9D7D88E9BBF}" = HPSSupply
"{BAD0FA60-09CF-4411-AE6A-C2844C8812FA}" = HP Photosmart Essential 2.5
"{C13AF9C7-8E06-4354-B629-DF6192CE4A66}" = PANTECH UM175 Driver
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"{CB6075D9-F912-40AE-BEA6-E590DA24F16B}" = Adobe Photoshop Elements 7.0
"{CCB9B81A-167F-4832-B305-D2A0430840B3}" = WebReg
"{CD0773D5-C18E-495c-B39B-21A96415EDD5}" = HP Officejet J4500 Series
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240BA}" = WinZip 14.0
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CF56E507-A96E-4973-B7FB-E49542AE5875}" = QuickShare
"{D142FE39-3386-4d82-9AD3-36D4A92AC3C2}" = DocMgr
"{D2E0F0CC-6BE0-490b-B08B-9267083E34C9}" = MarketResearch
"{D722CF4B-4B06-BF11-FDEA-BD1B319FEA57}" = muvee Reveal
"{D99A8E3A-AE5A-4692-8B19-6F16D454E240}" = Destination Component
"{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD
"{E00842BA-AD61-4A58-8386-62E7314D0F04}" = MAGIX Screenshare
"{E08DC77E-D09A-4e36-8067-D6DBBCC5F8DC}" = VideoToolkit01
"{E1591139-8B44-411B-A81B-D35F83A0565A}" = HP Customer Experience Enhancements
"{E5BA0430-919F-46DD-B656-0796F8A5ADFF}" = Microsoft Office Communicator 2007
"{E9E34215-82EF-4909-BE2F-F581F0DC9062}" = DirectX for Managed Code Update (Summer 2004)
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F1E63043-54FC-429B-AB2C-31AF9FBA4BC7}" = 32 Bit HP CIO Components Installer
"{FA4C2D53-205F-4245-9717-F3761154824D}" = Safari
"{FDEC11CC-4BD6-4a8c-A398-3CCD8E43EACA}" = J4500
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"ActiveTouchMeetingClient" = WebEx
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Photoshop Elements 7" = Adobe Photoshop Elements 7.0
"APlusGamer_63bar Uninstall" = APlusGamer Toolbar
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"GigaClicks Crawler" = GigaClicks Crawler
"Google Chrome" = Google Chrome
"HowToSimplified_8ebar Uninstall Firefox" = HowToSimplified Firefox Toolbar
"HowToSimplified_8ebar Uninstall Internet Explorer" = HowToSimplified Internet Explorer Toolbar
"HP Document Manager" = HP Document Manager 1.0
"HP Imaging Device Functions" = HP Imaging Device Functions 10.0
"HP Photo Creations" = HP Photo Creations
"HP Photosmart Essential" = HP Photosmart Essential 2.5
"HP Smart Web Printing" = HP Smart Web Printing
"HP Solution Center & Imaging Support Tools" = HP Solution Center 10.0
"HPExtendedCapabilities" = HP Customer Participation Program 10.0
"HPOCR" = OCR Software by I.R.I.S. 10.0
"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite Deluxe
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"InstallShield_{67626E09-5366-4480-8F1E-93FADF50CA15}" = HP MediaSmart TV
"InstallShield_{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}" = HP MediaSmart Music/Photo/Video
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD
"JFileManager" = JFileManager
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.75.0.1300
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft Report Viewer Redistributable 2005" = Microsoft Report Viewer Redistributable 2005
"Microsoft Security Client" = Microsoft Security Essentials
"Mozilla Firefox 16.0.1 (x86 en-US)" = Mozilla Firefox 16.0.1 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NVIDIA Drivers" = NVIDIA Drivers
"OfficeTrial" = Microsoft Office Home and Student 60 day trial
"PC-Doctor for Windows" = Hardware Diagnostic Tools
"Pdf995" = Pdf995
"PROPLUSR" = Microsoft Office Professional Plus 2007
"RealPlayer 12.0" = RealPlayer
"RetrogamerIEbar Uninstall" = Retrogamer
"Shop for HP Supplies" = Shop for HP Supplies
"thinkorswim from TD AMERITRADE" = thinkorswim from TD AMERITRADE
"VZAccess Manager" = VZAccess Manager
"weDownload Manager Pro" = weDownload Manager Pro
"WildTangent hp Master Uninstall" = My HP Games
"Winamp" = Winamp (remove only)
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Toolbar" = Yahoo! Toolbar

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-4029578848-2330232405-1189657799-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{fcd43261-ae6f-4912-b5ee-8eb3da7189fb}" = Snap.Do Engine
"Browsersafeguard" = BrowserSafeguard with RocketTab

========== Last 20 Event Log Errors ==========

[ OSession Events ]
Error - 1/9/2010 10:13:44 AM | Computer Name = Home-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 69
seconds with 60 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 2/5/2014 12:52:11 PM | Computer Name = Home-PC | Source = DCOM | ID = 10010
Description =


< End of report >

 

[caila]

OTL logfile created on: 2/5/2014 10:46:14 AM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Caila.Home-PC\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.87 Gb Total Physical Memory | 1.71 Gb Available Physical Memory | 59.62% Memory free
5.96 Gb Paging File | 4.70 Gb Available in Paging File | 78.80% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 454.48 Gb Total Space | 286.37 Gb Free Space | 63.01% Space Free | Partition Type: NTFS
Drive D: | 11.28 Gb Total Space | 1.58 Gb Free Space | 14.00% Space Free | Partition Type: NTFS
Drive E: | 4.31 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF

Computer Name: HOME-PC | User Name: Caila | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2014/02/05 10:45:20 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Caila.Home-PC\Downloads\OTL.exe
PRC - [2014/01/07 10:43:06 | 000,104,880 | ---- | M] (McAfee, Inc.) -- c:\Program Files\McAfee\SiteAdvisor\McSACore.exe
PRC - [2013/10/23 15:01:10 | 000,300,552 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\MpCmdRun.exe
PRC - [2013/10/23 15:01:10 | 000,022,208 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\MsMpEng.exe
PRC - [2013/10/23 14:55:28 | 000,948,440 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
PRC - [2013/09/13 10:11:33 | 000,042,504 | ---- | M] (COMPANYVERS_NAME) -- C:\Program Files\HowToSimplified_8e\bar\1.bin\8ebarsvc.exe
PRC - [2009/10/13 13:00:00 | 000,495,432 | R--- | M] (WinZip Computing, S.L.) -- C:\Program Files\WinZip\WZQKPICK.EXE
PRC - [2009/06/19 16:54:24 | 000,036,864 | ---- | M] (Workshare) -- C:\Program Files\Workshare\Modules\Workshare.Protect.Svc.exe
PRC - [2009/04/22 22:06:52 | 000,206,120 | ---- | M] (CyberLink Corp.) -- C:\Program Files\Hewlett-Packard\Media\TV\TVAgent.exe
PRC - [2009/04/22 21:53:22 | 000,296,320 | ---- | M] () -- C:\Program Files\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe
PRC - [2009/04/22 21:53:22 | 000,116,104 | ---- | M] () -- C:\Program Files\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe
PRC - [2009/04/11 00:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008/12/15 17:15:42 | 000,189,736 | ---- | M] (CyberLink) -- C:\Program Files\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
PRC - [2008/12/15 17:15:16 | 001,152,296 | ---- | M] (CyberLink Corp.) -- C:\Program Files\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe
PRC - [2008/11/28 17:04:26 | 001,148,200 | ---- | M] (CyberLink Corp.) -- C:\Program Files\Hewlett-Packard\Media\DVD\DVDAgent.exe
PRC - [2008/08/26 08:02:00 | 000,014,336 | ---- | M] (Agere Systems) -- C:\Program Files\LSI SoftModem\agrsmsvc.exe
PRC - [2006/02/23 13:10:38 | 000,035,328 | ---- | M] () -- C:\Program Files\Winamp\winampa.exe


========== Modules (No Company Name) ==========

MOD - [2014/01/20 13:17:04 | 000,073,544 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2014/01/20 13:16:38 | 001,044,808 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2008/12/15 17:15:44 | 000,881,960 | ---- | M] () -- C:\Program Files\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMediaLibrary.dll
MOD - [2006/02/23 13:10:38 | 000,035,328 | ---- | M] () -- C:\Program Files\Winamp\winampa.exe


========== Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\ToolbarUpdater.exe -- (vToolbarUpdater17.3.0)
SRV - File not found [Auto | Stopped] -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe -- (LightScribeService)
SRV - File not found [Auto | Stopped] -- c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe -- (HP Health Check Service)
SRV - File not found [On_Demand | Stopped] -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc)
SRV - File not found [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - File not found [Auto | Stopped] -- C:\PROGRA~1\APLUSG~2\bar\1.bin\63barsvc.exe -- (APlusGamer_63Service)
SRV - File not found [Auto | Stopped] -- C:\Program Files\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor7.0)
SRV - [2014/01/07 10:43:06 | 000,104,880 | ---- | M] (McAfee, Inc.) [Auto | Running] -- c:\Program Files\McAfee\SiteAdvisor\McSACore.exe -- (McAfee SiteAdvisor Service)
SRV - [2013/12/10 19:44:18 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/10/23 15:01:10 | 000,280,288 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV - [2013/10/23 15:01:10 | 000,022,208 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV - [2013/09/13 10:11:33 | 000,042,504 | ---- | M] (COMPANYVERS_NAME) [Auto | Running] -- C:\Program Files\HowToSimplified_8e\bar\1.bin\8ebarsvc.exe -- (HowToSimplified_8eService)
SRV - [2012/10/10 19:05:59 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2010/07/22 07:54:07 | 000,028,766 | ---- | M] (Retrogamer) [Auto | Stopped] -- C:\Program Files\RetrogamerIE\bar\1.bin\6hbarsvc.exe -- (RetrogamerIEService)
SRV - [2009/06/19 16:54:24 | 000,036,864 | ---- | M] (Workshare) [Auto | Running] -- C:\Program Files\Workshare\Modules\Workshare.Protect.Svc.exe -- (Workshare Protect Service)
SRV - [2009/04/22 21:53:22 | 000,296,320 | ---- | M] () [Auto | Running] -- C:\Program Files\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe -- (TVCapSvc)
SRV - [2009/04/22 21:53:22 | 000,116,104 | ---- | M] () [Auto | Running] -- C:\Program Files\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe -- (TVSched)
SRV - [2008/08/26 08:02:00 | 000,014,336 | ---- | M] (Agere Systems) [Auto | Running] -- C:\Program Files\LSI SoftModem\agrsmsvc.exe -- (AgereModemAudio)
SRV - [2008/01/20 20:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | Auto | Stopped] -- C:\Program Files\GameTap Web Player\bin\Release\X4HSX32.Sys -- (X4HSX32)
DRV - File not found [Kernel | System | Stopped] -- C:\Windows\system32\drivers\ridyezhx.sys -- (ridyezhx)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | System | Stopped] -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{58D5CC33-7066-4F62-9D92-AFB8EDD364FD}\MpKsl053b1e33.sys -- (MpKsl053b1e33)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | System | Stopped] -- C:\Windows\system32\drivers\ihnnqhek.sys -- (ihnnqhek)
DRV - File not found [Kernel | System | Stopped] -- C:\Windows\system32\drivers\felcqgoa.sys -- (felcqgoa)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\ComboFix\catchme.sys -- (catchme)
DRV - [2013/11/17 20:52:34 | 000,037,664 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgtpx86.sys -- (avgtp)
DRV - [2013/09/27 09:53:06 | 000,104,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NisDrvWFP.sys -- (NisDrv)
DRV - [2008/11/28 17:04:24 | 000,087,536 | ---- | M] (CyberLink Corp.) [2009/10/24 09:48:22] [Kernel | Auto | Running] -- C:\Program Files\Hewlett-Packard\Media\DVD\000.fcl -- ({55662437-DA8C-40c0-AADA-2C816A897A49})
DRV - [2008/11/21 10:53:00 | 001,204,128 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2008/11/18 03:28:00 | 007,638,592 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2008/11/04 17:30:34 | 000,020,640 | ---- | M] (PC-Doctor, Inc.) [Kernel | On_Demand | Stopped] -- C:\Program Files\PC-Doctor for Windows\pcd5srvc.pkms -- (PCD5SRVC{BD6912E3-AC9D80E8-05040000})
DRV - [2008/08/01 06:51:14 | 001,052,704 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvmfdx32.sys -- (NVENETFD)
DRV - [2008/07/21 10:12:50 | 000,145,952 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\nvstor32.sys -- (nvstor32)
DRV - [2008/07/21 10:12:50 | 000,133,152 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\nvrd32.sys -- (nvrd32)
DRV - [2008/05/22 03:39:34 | 000,015,360 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\nvsmu.sys -- (nvsmu)
DRV - [2008/03/11 16:58:48 | 000,041,344 | ---- | M] (DEVGURU Co,LTD.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\PTDUMdm.sys -- (PTDUMdm)
DRV - [2008/03/11 16:58:44 | 000,029,824 | ---- | M] (DEVGURU Co,LTD.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\PTDUBus.sys -- (PTDUBus)
DRV - [2005/12/12 11:27:00 | 000,019,072 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\PS2.sys -- (Ps2)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKLM\..\URLSearchHook: {313a832a-aaf3-4880-a8d0-c42bee319c02} - No CLSID value found
IE - HKLM\..\URLSearchHook: {38542454-dfb6-44f5-b052-d4e071a3d073} - No CLSID value found
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-4029578848-2330232405-1189657799-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = www.bing.com [binary data]
IE - HKU\S-1-5-21-4029578848-2330232405-1189657799-1004\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-4029578848-2330232405-1189657799-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\S-1-5-21-4029578848-2330232405-1189657799-1004\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com
IE - HKU\S-1-5-21-4029578848-2330232405-1189657799-1004\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com
IE - HKU\S-1-5-21-4029578848-2330232405-1189657799-1004\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-4029578848-2330232405-1189657799-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-4029578848-2330232405-1189657799-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <-loopback>
IE - HKU\S-1-5-21-4029578848-2330232405-1189657799-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:63017;https=127.0.0.1:63017

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Secure Search"
FF - prefs.js..browser.search.order.1: "Secure Search"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..extensions.enabledAddons: {d240f276-3738-3939-63ad-a329dd4133f0}:1.0
FF - prefs.js..extensions.enabledAddons: afext@anchorfree.com:1.0
FF - prefs.js..extensions.enabledAddons: addon@bazaarfriend.com:2.0
FF - prefs.js..extensions.enabledAddons: 8effxtbr@HowToSimplified_8e.com:5.33.2.9206
FF - prefs.js..extensions.enabledAddons: {C4A4F5A0-4B89-4392-AFAC-D58010E349AF}:5.0.0.7384
FF - prefs.js..extensions.enabledAddons: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.5.9.20130409112616
FF - prefs.js..extensions.enabledAddons: 008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com:0.93.71
FF - prefs.js..extensions.enabledAddons: {4ED1F68A-5463-4931-9384-8FFF5ED91D92}:3.6.4
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF - HKLM\Software\MozillaPlugins\@APlusGamer_63.com/Plugin: C:\Program Files\APlusGamer_63\bar\1.bin\NP63Stub.dll File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@HowToSimplified_8e.com/Plugin: C:\Program Files\HowToSimplified_8e\bar\1.bin\NP8eStub.dll (MindSpark)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/SAFFPlugin: C:\Program Files\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=12.0.1.609: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=12.0.1.609: c:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.609: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.609: c:\program files\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll File not found

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2010/12/05 10:41:35 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\63ffxtbr@APlusGamer_63.com: C:\Program Files\APlusGamer_63\bar\1.bin [2014/01/20 16:08:52 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\quickprint@hp.com: C:\Program Files\Hewlett-Packard\SmartPrint\QPExtension [2013/05/07 11:39:01 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\8effxtbr@HowToSimplified_8e.com: C:\Program Files\HowToSimplified_8e\bar\1.bin [2014/02/03 02:05:36 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files\McAfee\SiteAdvisor [2014/01/20 16:08:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/11/20 14:06:31 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins

[2014/02/03 01:28:02 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Caila\AppData\Roaming\Mozilla\Extensions
[2010/06/06 13:21:07 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Caila\AppData\Roaming\Mozilla\Extensions\mozswing@mozswing.org
[2014/02/05 10:43:00 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Caila.Home-PC\AppData\Roaming\mozilla\Firefox\Profiles\y7ng6mir.default\extensions
[2014/02/04 19:07:27 | 000,000,000 | ---D | M] ("Snap.Do ") -- C:\Users\Caila.Home-PC\AppData\Roaming\mozilla\Firefox\Profiles\y7ng6mir.default\extensions\{d240f276-3738-3939-63ad-a329dd4133f0}
[2014/01/20 16:41:34 | 000,000,000 | ---D | M] (savinsHHOp) -- C:\Users\Caila.Home-PC\AppData\Roaming\mozilla\Firefox\Profiles\y7ng6mir.default\extensions\ackgooaouea@vpzopmbt.com
[2014/01/20 16:41:34 | 000,000,000 | ---D | M] (Bazaar Friend) -- C:\Users\Caila.Home-PC\AppData\Roaming\mozilla\Firefox\Profiles\y7ng6mir.default\extensions\addon@bazaarfriend.com
[2014/01/20 16:41:34 | 000,000,000 | ---D | M] (FlExiibleShopper) -- C:\Users\Caila.Home-PC\AppData\Roaming\mozilla\Firefox\Profiles\y7ng6mir.default\extensions\aziog@oyjndsyp.org
[2014/01/20 17:15:44 | 011,422,522 | ---- | M] () (No name found) -- C:\Users\Caila.Home-PC\AppData\Roaming\mozilla\firefox\profiles\y7ng6mir.default\extensions\{C4A4F5A0-4B89-4392-AFAC-D58010E349AF}.xpi
[2012/11/01 10:23:06 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012/11/01 10:23:06 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\distribution\extensions
[2012/11/01 10:23:06 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Program Files\Mozilla Firefox\distribution\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2014/02/03 02:05:36 | 000,000,000 | ---D | M] (HowToSimplified) -- C:\PROGRAM FILES\HOWTOSIMPLIFIED_8E\BAR\1.BIN
[2014/01/20 16:08:51 | 000,000,000 | ---D | M] (McAfee SiteAdvisor) -- C:\PROGRAM FILES\MCAFEE\SITEADVISOR
File not found (No name found) -- C:\USERS\CAILA.HOME-PC\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Y7NG6MIR.DEFAULT\EXTENSIONS\{635ABD67-4FE9-1B23-4F01-E679FA7484C1}
File not found (No name found) -- C:\USERS\CAILA.HOME-PC\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Y7NG6MIR.DEFAULT\EXTENSIONS\008ABED2-B43A-46C9-9A5B-A771C87B82DA@1AD61D53-2BDC-4484-A26B-B888ECAE1906.COM
File not found (No name found) -- C:\USERS\CAILA.HOME-PC\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Y7NG6MIR.DEFAULT\EXTENSIONS\2142C4B4-74C0-4C8D-9BE5-FDB4BF61B17B@FA0A20EB-0225-46EF-BA03-84E45A86B7D9.COM
File not found (No name found) -- C:\USERS\CAILA.HOME-PC\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Y7NG6MIR.DEFAULT\EXTENSIONS\AFEXT@ANCHORFREE.COM
[2012/10/10 19:06:18 | 000,261,600 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012/10/10 19:05:38 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml

========== Chrome ==========

CHR - default_search_provider: Web (Enabled)
CHR - default_search_provider: search_url = http://feed.snapdo.com/?publisher=A...=ds&q={searchTerms}&installDate={installDate}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms},
CHR - homepage: http://feed.snapdo.com/?publisher=A...133f0&searchtype=hp&installDate={installDate}
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\32.0.1700.102\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\32.0.1700.102\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\32.0.1700.102\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.210.7 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U21 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: My Web Search Plugin Stub (Enabled) = C:\Program Files\MyWebSearch\bar\2.bin\NPMyWebS.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = c:\program files\real\realplayer\Netscape6\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = c:\program files\real\realplayer\Netscape6\nprpjplug.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = c:\program files\real\realplayer\Netscape6\nprjplug.dll
CHR - Extension: Music Box Toolbar = C:\Users\Caila.Home-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaiihjniipljfegaknmbkneamnoajd\29.1_0\
CHR - Extension: YouTube = C:\Users\Caila.Home-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Adblock Plus = C:\Users\Caila.Home-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.7.4_0\
CHR - Extension: Google Search = C:\Users\Caila.Home-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: SiteAdvisor = C:\Users\Caila.Home-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.6.4.1311_0\
CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:\Users\Caila.Home-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.3_0\
CHR - Extension: Google Wallet = C:\Users\Caila.Home-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_1\
CHR - Extension: Gmail = C:\Users\Caila.Home-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

O1 HOSTS File: ([2014/02/04 21:47:28 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Toolbar BHO) - {1eea7b7d-cc79-406b-a19b-7791b69cc663} - C:\Program Files\RetrogamerIE\bar\1.bin\6hbar.dll (Retrogamer)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll File not found
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (Microsoft Live Search Toolbar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\Program Files\MSN\Toolbar\3.0.0541.0\msneshellx.dll (Microsoft Corp.)
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (Microsoft Live Search Toolbar) - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - c:\Program Files\MSN\Toolbar\3.0.0541.0\msneshellx.dll (Microsoft Corp.)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll File not found
O3 - HKLM\..\Toolbar: (Retrogamer) - {4d96ce9c-9788-44a5-bfbc-45e4e745afb5} - C:\Program Files\RetrogamerIE\bar\1.bin\6hbar.dll (Retrogamer)
O3 - HKU\S-1-5-21-4029578848-2330232405-1189657799-1004\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll File not found
O4 - HKLM..\Run: [CLMLServer for HP TouchSmart] c:\Program Files\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [DVDAgent] C:\Program Files\Hewlett-Packard\Media\DVD\DVDAgent.exe (CyberLink Corp.)
O4 - HKLM..\Run: [KBD] C:\Program Files\Hewlett-Packard\KBD\KbdStub.exe (Microsoft)
O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [TkBellExe] c:\program files\real\realplayer\Update\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [TSMAgent] c:\Program Files\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe (CyberLink Corp.)
O4 - HKLM..\Run: [TVAgent] C:\Program Files\Hewlett-Packard\Media\TV\TVAgent.exe (CyberLink Corp.)
O4 - HKLM..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe ()
O4 - Startup: C:\Users\Kyle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\FrostWire On Startup.lnk = File not found
O4 - Startup: C:\Users\Kyle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LimeWire On Startup.lnk = File not found
O4 - Startup: C:\Users\Laurie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\GoZone iSync.lnk = File not found
O4 - Startup: C:\Users\Laurie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LimeWire On Startup.lnk = File not found
O4 - Startup: C:\Users\Laurie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk = File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-4029578848-2330232405-1189657799-1004\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-4029578848-2330232405-1189657799-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-4029578848-2330232405-1189657799-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-4029578848-2330232405-1189657799-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2

 

[caila]

O7 - HKU\S-1-5-21-4029578848-2330232405-1189657799-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O9 - Extra 'Tools' menuitem : My kikin - {0F7195C2-6713-4d93-A1BC-DA5FA33F0A65} - Reg Error: Key error. File not found
O9 - Extra Button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files\Hewlett-Packard\SmartPrint\smartprintsetup.exe (Hewlett-Packard)
O9 - Extra 'Tools' menuitem : HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files\Hewlett-Packard\SmartPrint\smartprintsetup.exe (Hewlett-Packard)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKU\S-1-5-21-4029578848-2330232405-1189657799-1004\..Trusted Ranges: Range1 ([http] in Local intranet)
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.5.0.cab (DLM Control)
O16 - DPF: {4F29DE54-5EB7-4D76-B610-A86B5CD2A234} http://archives.gametap.com/static/cab_headless/GameTapWebPlayer.cab (GameTap Player)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} https://devrypresentations.webex.com/client/T27L/training/ieatgpc1.cab (GpcContainer Class)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 97.64.209.36 97.64.168.13
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9610D02F-78D7-408E-828E-02748E7EC04B}: DhcpNameServer = 97.64.209.36 97.64.168.13
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll File not found
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Caila.Home-PC\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\Caila.Home-PC\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2014/02/05 10:40:29 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2014/02/05 10:29:34 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014/02/04 22:54:00 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2014/02/04 22:01:49 | 000,000,000 | --SD | C] -- C:\ComboFix
[2014/02/04 21:13:35 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2014/02/04 21:04:28 | 000,000,000 | ---D | C] -- C:\Users\Caila.Home-PC\AppData\Local\CrashDumps
[2014/02/04 20:46:15 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2014/02/04 20:46:15 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2014/02/04 20:46:15 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2014/02/04 20:41:15 | 000,000,000 | ---D | C] -- C:\Qoobox
[2014/02/04 20:40:43 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2014/02/04 19:35:02 | 000,107,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\MBAMSwissArmy.sys
[2014/02/04 19:33:36 | 000,075,480 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamchameleon.sys
[2014/02/04 19:32:47 | 000,000,000 | ---D | C] -- C:\Users\Caila.Home-PC\Desktop\MBARrootkit
[2014/02/04 19:16:54 | 000,000,000 | ---D | C] -- C:\Users\Caila.Home-PC\Desktop\RK_Quarantine
[2014/02/02 22:28:42 | 000,000,000 | ---D | C] -- C:\Users\Caila.Home-PC\AppData\Roaming\Malwarebytes
[2014/02/02 22:28:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2014/02/02 22:28:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2014/02/02 22:28:05 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2014/02/02 22:28:05 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2014/02/02 22:08:43 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client
[2014/02/02 20:13:32 | 000,000,000 | ---D | C] -- C:\Users\Caila.Home-PC\.android
[2014/02/02 20:13:30 | 000,000,000 | ---D | C] -- C:\Users\Caila.Home-PC\AppData\Local\GCC
[2014/02/02 20:13:29 | 000,000,000 | ---D | C] -- C:\Users\Caila.Home-PC\AppData\Local\cache
[2014/02/02 20:13:26 | 000,000,000 | ---D | C] -- C:\Users\Caila.Home-PC\AppData\Local\genienext
[2014/02/02 20:13:25 | 000,000,000 | ---D | C] -- C:\Users\Caila.Home-PC\Documents\Mobogenie
[2014/02/02 20:13:25 | 000,000,000 | ---D | C] -- C:\Users\Caila.Home-PC\AppData\Local\Mobogenie
[2014/02/02 20:13:12 | 000,000,000 | ---D | C] -- C:\Users\Caila.Home-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mobogenie
[2014/02/02 20:10:16 | 000,000,000 | ---D | C] -- C:\Program Files\GrabRez
[2014/02/02 15:11:58 | 000,000,000 | ---D | C] -- C:\ProgramData\GreeatSaveur
[2014/02/02 15:11:57 | 000,000,000 | ---D | C] -- C:\Program Files\GreeatSaveur
[2014/02/02 15:11:48 | 000,000,000 | ---D | C] -- C:\Users\Caila.Home-PC\AppData\Local\Comodo
[2014/01/31 19:19:37 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Services
[2014/01/31 18:50:06 | 000,000,000 | ---D | C] -- C:\Users\Caila.Home-PC\Documents\My Policies
[2014/01/31 18:44:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2014/01/31 18:41:50 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2014/01/31 18:41:50 | 000,000,000 | ---D | C] -- C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
[2014/01/31 18:39:04 | 000,000,000 | ---D | C] -- C:\Program Files\Apple Software Update
[2014/01/31 18:35:16 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2014/01/31 18:34:49 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
[2014/01/31 18:01:05 | 000,000,000 | ---D | C] -- C:\Users\Caila.Home-PC\AppData\Local\ElevatedDiagnostics
[2014/01/31 17:56:34 | 000,000,000 | ---D | C] -- C:\MATS
[2014/01/31 12:36:56 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
[2014/01/20 16:42:13 | 000,000,000 | ---D | C] -- C:\Users\Caila.Home-PC\AppData\Local\Macromedia
[2014/01/20 16:41:45 | 000,000,000 | ---D | C] -- C:\Users\Caila.Home-PC\AppData\Local\HowToSimplified_8e
[2014/01/20 14:30:05 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\HP
[2014/01/17 16:52:35 | 000,000,000 | ---D | C] -- C:\Users\Caila.Home-PC\Desktop\Tor Browser
[2014/01/07 09:55:55 | 000,000,000 | ---D | C] -- C:\Windows\System32\log
[2014/01/07 09:55:51 | 000,000,000 | ---D | C] -- C:\ProgramData\WPM
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2014/02/05 10:45:36 | 000,000,818 | ---- | M] () -- C:\Users\Caila.Home-PC\Desktop\OTL - Shortcut.lnk
[2014/02/05 10:44:15 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/02/05 10:40:57 | 000,002,242 | ---- | M] () -- C:\Users\Caila.Home-PC\Desktop\JRT - Shortcut.lnk
[2014/02/05 10:37:52 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/02/05 10:36:34 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2014/02/05 10:36:34 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2014/02/05 10:36:26 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/02/05 10:36:22 | 3085,357,056 | -HS- | M] () -- C:\hiberfil.sys
[2014/02/05 10:33:28 | 000,001,228 | ---- | M] () -- C:\Users\Caila.Home-PC\Desktop\adwcleaner - Shortcut.lnk
[2014/02/05 10:06:00 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/02/04 22:01:22 | 000,001,275 | ---- | M] () -- C:\Users\Caila.Home-PC\Desktop\ComboFix - Shortcut.lnk
[2014/02/04 21:47:28 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2014/02/04 20:16:38 | 000,107,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\MBAMSwissArmy.sys
[2014/02/04 20:16:22 | 000,075,480 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamchameleon.sys
[2014/02/04 19:07:34 | 000,002,283 | ---- | M] () -- C:\Users\Caila.Home-PC\Application Data\Microsoft\Internet Explorer\Quick Launch\Search.lnk
[2014/02/04 19:07:34 | 000,002,259 | ---- | M] () -- C:\Users\Caila.Home-PC\Desktop\Search.lnk
[2014/02/04 16:14:33 | 000,006,944 | ---- | M] () -- C:\Users\Caila.Home-PC\AppData\Local\d3d9caps.dat
[2014/02/03 00:30:02 | 000,000,230 | ---- | M] () -- C:\Users\Caila.Home-PC\AppData\Roaming\WB.CFG
[2014/02/02 22:28:14 | 000,000,868 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014/02/02 22:11:30 | 000,002,154 | ---- | M] () -- C:\Windows\epplauncher.mif
[2014/02/02 20:34:37 | 059,480,761 | ---- | M] () -- C:\Users\Public\Desktop\american.horror.story.s01e01.dvdrip.xvid-demand.avi
[2014/01/31 18:50:15 | 000,000,886 | ---- | M] () -- C:\Users\Public\Desktop\Workshare Compare.lnk
[2014/01/31 18:44:58 | 000,001,626 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2014/01/31 17:46:05 | 000,000,595 | ---- | M] () -- C:\Users\Caila.Home-PC\Desktop\Twunk_32.dll - Shortcut.lnk
[2014/01/31 17:46:02 | 000,000,595 | ---- | M] () -- C:\Users\Caila.Home-PC\Desktop\Twunk_16.dll - Shortcut.lnk
[2014/01/31 17:45:58 | 000,000,595 | ---- | M] () -- C:\Users\Caila.Home-PC\Desktop\twain_32.dll - Shortcut.lnk
[2014/01/31 17:45:54 | 000,000,576 | ---- | M] () -- C:\Users\Caila.Home-PC\Desktop\twain.dll - Shortcut.lnk
[2014/01/31 17:45:46 | 000,000,595 | ---- | M] () -- C:\Users\Caila.Home-PC\Desktop\RtlExUpd.dll - Shortcut.lnk
[2014/01/31 17:45:33 | 000,000,588 | ---- | M] () -- C:\Users\Caila.Home-PC\Desktop\DIFxAPI.dll - Shortcut.lnk
[2014/01/31 12:41:32 | 000,474,760 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2014/01/29 11:51:07 | 000,000,005 | ---- | M] () -- C:\Users\Caila.Home-PC\AppData\Roaming\WBPU-TTL.DAT
[2014/01/24 13:03:21 | 000,000,929 | ---- | M] () -- C:\Users\Caila.Home-PC\Desktop\Continue iTunes Installation.lnk
[2014/01/11 18:00:00 | 000,000,456 | ---- | M] () -- C:\Windows\tasks\PCDRScheduledMaintenance.job
[2014/01/06 20:30:52 | 000,607,406 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2014/01/06 20:30:52 | 000,105,046 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2014/02/05 10:45:36 | 000,000,818 | ---- | C] () -- C:\Users\Caila.Home-PC\Desktop\OTL - Shortcut.lnk
[2014/02/05 10:40:57 | 000,002,242 | ---- | C] () -- C:\Users\Caila.Home-PC\Desktop\JRT - Shortcut.lnk
[2014/02/05 10:33:17 | 000,001,228 | ---- | C] () -- C:\Users\Caila.Home-PC\Desktop\adwcleaner - Shortcut.lnk
[2014/02/04 22:01:20 | 000,001,275 | ---- | C] () -- C:\Users\Caila.Home-PC\Desktop\ComboFix - Shortcut.lnk
[2014/02/04 20:46:15 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2014/02/04 20:46:15 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2014/02/04 20:46:15 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2014/02/04 20:46:15 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2014/02/04 20:46:15 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2014/02/04 19:07:34 | 000,002,289 | ---- | C] () -- C:\Users\Caila.Home-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
[2014/02/04 19:07:34 | 000,002,283 | ---- | C] () -- C:\Users\Caila.Home-PC\Application Data\Microsoft\Internet Explorer\Quick Launch\Search.lnk
[2014/02/04 19:07:34 | 000,002,259 | ---- | C] () -- C:\Users\Caila.Home-PC\Desktop\Search.lnk
[2014/02/02 22:28:14 | 000,000,868 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014/02/02 22:10:19 | 000,001,788 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
[2014/02/02 20:09:27 | 059,480,761 | ---- | C] () -- C:\Users\Public\Desktop\american.horror.story.s01e01.dvdrip.xvid-demand.avi
[2014/01/31 18:50:15 | 000,000,886 | ---- | C] () -- C:\Users\Public\Desktop\Workshare Compare.lnk
[2014/01/31 18:44:58 | 000,001,626 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2014/01/31 18:39:06 | 000,002,503 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
[2014/01/31 17:46:05 | 000,000,595 | ---- | C] () -- C:\Users\Caila.Home-PC\Desktop\Twunk_32.dll - Shortcut.lnk
[2014/01/31 17:46:02 | 000,000,595 | ---- | C] () -- C:\Users\Caila.Home-PC\Desktop\Twunk_16.dll - Shortcut.lnk
[2014/01/31 17:45:58 | 000,000,595 | ---- | C] () -- C:\Users\Caila.Home-PC\Desktop\twain_32.dll - Shortcut.lnk
[2014/01/31 17:45:54 | 000,000,576 | ---- | C] () -- C:\Users\Caila.Home-PC\Desktop\twain.dll - Shortcut.lnk
[2014/01/31 17:45:46 | 000,000,595 | ---- | C] () -- C:\Users\Caila.Home-PC\Desktop\RtlExUpd.dll - Shortcut.lnk
[2014/01/31 17:45:33 | 000,000,588 | ---- | C] () -- C:\Users\Caila.Home-PC\Desktop\DIFxAPI.dll - Shortcut.lnk
[2014/01/31 17:32:29 | 000,002,154 | ---- | C] () -- C:\Windows\epplauncher.mif
[2014/01/20 16:49:08 | 000,000,929 | ---- | C] () -- C:\Users\Caila.Home-PC\Desktop\Continue iTunes Installation.lnk
[2013/12/30 17:30:02 | 000,000,005 | ---- | C] () -- C:\Users\Caila.Home-PC\AppData\Roaming\WBPU-Q5-TTL.DAT
[2013/12/13 03:16:22 | 000,006,944 | ---- | C] () -- C:\Users\Caila.Home-PC\AppData\Local\d3d9caps.dat
[2013/11/17 20:49:30 | 000,000,904 | RHS- | C] () -- C:\Users\Caila.Home-PC\ntuser.pol
[2013/10/14 08:02:35 | 000,000,552 | ---- | C] () -- C:\Users\Caila.Home-PC\AppData\Local\d3d8caps.dat
[2013/07/26 18:30:02 | 000,000,230 | ---- | C] () -- C:\Users\Caila.Home-PC\AppData\Roaming\WB.CFG
[2013/06/19 07:30:01 | 000,000,005 | ---- | C] () -- C:\Users\Caila.Home-PC\AppData\Roaming\WBPU-TTL.DAT
[2013/05/07 11:28:04 | 000,000,057 | ---- | C] () -- C:\ProgramData\Ament.ini
[2012/04/07 11:31:03 | 000,000,160 | ---- | C] () -- C:\ProgramData\-FLUvDrrsvEMHSJr
[2012/04/07 11:31:03 | 000,000,000 | ---- | C] () -- C:\ProgramData\-FLUvDrrsvEMHSJ
[2012/04/07 11:30:52 | 000,000,256 | ---- | C] () -- C:\ProgramData\FLUvDrrsvEMHSJ
[2012/01/23 15:31:34 | 000,001,744 | ---- | C] () -- C:\Users\Caila.Home-PC\AppData\Roaming\DeltaVw.lnk
[2012/01/08 20:33:33 | 000,000,272 | ---- | C] () -- C:\ProgramData\~tVt5W4talFVujc
[2012/01/08 20:33:33 | 000,000,168 | ---- | C] () -- C:\ProgramData\~tVt5W4talFVujcr
[2012/01/08 20:33:29 | 000,000,456 | ---- | C] () -- C:\ProgramData\tVt5W4talFVujc
[2011/11/29 09:26:00 | 000,000,312 | ---- | C] () -- C:\ProgramData\~yFWh8W17ADpzPj
[2011/11/29 09:26:00 | 000,000,216 | ---- | C] () -- C:\ProgramData\~yFWh8W17ADpzPjr
[2011/11/29 09:25:58 | 000,000,448 | ---- | C] () -- C:\ProgramData\yFWh8W17ADpzPj
[2010/10/10 16:37:22 | 000,002,479 | ---- | C] () -- C:\Users\Caila.Home-PC\AppData\Local\tmp49133_1419339698_825_Q[1].0
[2010/10/10 16:37:22 | 000,001,632 | ---- | C] () -- C:\Users\Caila.Home-PC\AppData\Local\tmp49133_1419339698_825_Q[1].JPG
[2010/09/19 11:55:14 | 000,000,013 | ---- | C] () -- C:\Users\Caila.Home-PC\cvdm.err
[2010/08/25 16:51:14 | 000,006,144 | ---- | C] () -- C:\Users\Caila.Home-PC\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

========== ZeroAccess Check ==========

[2006/11/02 06:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 11:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/04/11 00:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/04/11 00:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2009/10/10 11:59:16 | 000,000,000 | ---D | M] -- C:\Users\Caila\AppData\Roaming\Azureus
[2010/06/04 13:44:33 | 000,000,000 | ---D | M] -- C:\Users\Caila\AppData\Roaming\LimeWire
[2009/10/08 15:32:26 | 000,000,000 | ---D | M] -- C:\Users\Caila\AppData\Roaming\MyScribe
[2010/02/24 18:42:07 | 000,000,000 | ---D | M] -- C:\Users\Caila\AppData\Roaming\WildTangent
[2009/10/19 15:12:34 | 000,000,000 | ---D | M] -- C:\Users\Caila\AppData\Roaming\Workshare
[2014/01/14 21:21:04 | 000,000,000 | ---D | M] -- C:\Users\Caila.Home-PC\AppData\Roaming\FrostWire
[2013/11/17 22:04:49 | 000,000,000 | ---D | M] -- C:\Users\Caila.Home-PC\AppData\Roaming\MAGIX
[2013/12/19 15:32:24 | 000,000,000 | ---D | M] -- C:\Users\Caila.Home-PC\AppData\Roaming\MusicNet
[2014/01/20 11:26:40 | 000,000,000 | ---D | M] -- C:\Users\Caila.Home-PC\AppData\Roaming\TuneUpMedia
[2010/07/03 22:48:39 | 000,000,000 | ---D | M] -- C:\Users\Caila.Home-PC\AppData\Roaming\WildTangent
[2010/06/05 08:35:35 | 000,000,000 | ---D | M] -- C:\Users\Caila.Home-PC\AppData\Roaming\Workshare
[2009/10/19 12:16:03 | 000,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming\Workshare
[2009/10/19 12:16:03 | 000,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming\Workshare
[2013/12/20 15:51:19 | 000,000,000 | ---D | M] -- C:\Users\Kyle\AppData\Roaming\FrostWire
[2014/02/03 01:41:23 | 000,000,000 | ---D | M] -- C:\Users\Kyle\AppData\Roaming\Iminent
[2013/12/20 15:45:01 | 000,000,000 | ---D | M] -- C:\Users\Kyle\AppData\Roaming\LimeWire
[2013/10/21 01:39:14 | 000,000,000 | ---D | M] -- C:\Users\Kyle\AppData\Roaming\PCPowerSpeed
[2011/08/26 06:54:55 | 000,000,000 | ---D | M] -- C:\Users\Kyle\AppData\Roaming\pdf995
[2013/12/17 18:50:06 | 000,000,000 | ---D | M] -- C:\Users\Kyle\AppData\Roaming\simplitec
[2011/08/25 17:55:30 | 000,000,000 | ---D | M] -- C:\Users\Kyle\AppData\Roaming\Template
[2009/11/24 17:59:17 | 000,000,000 | ---D | M] -- C:\Users\Kyle\AppData\Roaming\Workshare
[2009/10/11 10:26:27 | 000,000,000 | ---D | M] -- C:\Users\Laurie\AppData\Roaming\Azureus
[2009/10/19 13:39:28 | 000,000,000 | ---D | M] -- C:\Users\Laurie\AppData\Roaming\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2010/12/26 09:33:08 | 000,000,000 | ---D | M] -- C:\Users\Laurie\AppData\Roaming\FrostWire
[2009/10/04 05:16:32 | 000,000,000 | ---D | M] -- C:\Users\Laurie\AppData\Roaming\GetRightToGo
[2014/02/03 01:41:23 | 000,000,000 | ---D | M] -- C:\Users\Laurie\AppData\Roaming\iminent
[2013/12/01 15:29:00 | 000,000,000 | ---D | M] -- C:\Users\Laurie\AppData\Roaming\LimeWire
[2013/11/17 21:57:02 | 000,000,000 | ---D | M] -- C:\Users\Laurie\AppData\Roaming\MAGIX
[2009/12/15 16:28:08 | 000,000,000 | ---D | M] -- C:\Users\Laurie\AppData\Roaming\MyScribe
[2013/11/20 09:57:12 | 000,000,000 | ---D | M] -- C:\Users\Laurie\AppData\Roaming\Optimizer Pro
[2011/08/28 18:15:35 | 000,000,000 | ---D | M] -- C:\Users\Laurie\AppData\Roaming\PCPowerSpeed
[2009/10/19 13:27:27 | 000,000,000 | ---D | M] -- C:\Users\Laurie\AppData\Roaming\pdf995
[2010/11/08 14:28:30 | 000,000,000 | ---D | M] -- C:\Users\Laurie\AppData\Roaming\Sammsoft
[2013/12/01 15:27:43 | 000,000,000 | ---D | M] -- C:\Users\Laurie\AppData\Roaming\simplitec
[2009/10/19 13:27:25 | 000,000,000 | ---D | M] -- C:\Users\Laurie\AppData\Roaming\TaxCut
[2010/02/23 19:59:46 | 000,000,000 | ---D | M] -- C:\Users\Laurie\AppData\Roaming\webex
[2009/10/24 08:25:29 | 000,000,000 | ---D | M] -- C:\Users\Laurie\AppData\Roaming\WinBatch
[2009/10/19 12:16:03 | 000,000,000 | ---D | M] -- C:\Users\Laurie\AppData\Roaming\Workshare
[2012/11/01 10:15:42 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\Babylon
[2014/02/03 01:41:23 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\Iminent
[2012/07/31 14:53:53 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\LimeWire
[2012/12/27 14:31:39 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\PCPowerSpeed
[2013/05/07 11:58:08 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\pdf995
[2013/11/18 17:49:41 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\simplitec
[2009/10/22 11:36:23 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\Workshare
[2014/02/03 21:54:05 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\Yontoo

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 120 bytes -> C:\ProgramData\Temp:EA029835

< End of report >

 

[caila]

Oh yeah, my computer is doing good now, the audio ads are gone but I don't know if there is anything else I need to do to clean out my computer

 

[Broni]

Good news

Run OTL

• Under the Custom Scans/Fixes box at the bottom, paste in the following

:OTL
SRV - File not found [Auto | Stopped] -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\ToolbarUpdater.exe -- (vToolbarUpdater17.3.0)
SRV - File not found [Auto | Stopped] -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe -- (LightScribeService)
SRV - File not found [Auto | Stopped] -- c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe -- (HP Health Check Service)
SRV - File not found [On_Demand | Stopped] -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc)
SRV - File not found [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - File not found [Auto | Stopped] -- C:\PROGRA~1\APLUSG~2\bar\1.bin\63barsvc.exe -- (APlusGamer_63Service)
SRV - File not found [Auto | Stopped] -- C:\Program Files\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor7.0)
DRV - File not found [Kernel | Auto | Stopped] -- C:\Program Files\GameTap Web Player\bin\Release\X4HSX32.Sys -- (X4HSX32)
DRV - File not found [Kernel | System | Stopped] -- C:\Windows\system32\drivers\ridyezhx.sys -- (ridyezhx)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | System | Stopped] -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{58D5CC33-7066-4F62-9D92-AFB8EDD364FD}\MpKsl053b1e33.sys -- (MpKsl053b1e33)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | System | Stopped] -- C:\Windows\system32\drivers\ihnnqhek.sys -- (ihnnqhek)
DRV - File not found [Kernel | System | Stopped] -- C:\Windows\system32\drivers\felcqgoa.sys -- (felcqgoa)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\ComboFix\catchme.sys -- (catchme)'
IE - HKLM\..\URLSearchHook: {313a832a-aaf3-4880-a8d0-c42bee319c02} - No CLSID value found
IE - HKLM\..\URLSearchHook: {38542454-dfb6-44f5-b052-d4e071a3d073} - No CLSID value found
IE - HKU\S-1-5-21-4029578848-2330232405-1189657799-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <-loopback>
IE - HKU\S-1-5-21-4029578848-2330232405-1189657799-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:63017;https=127.0.0.1:63017
FF - HKLM\Software\MozillaPlugins\@APlusGamer_63.com/Plugin: C:\Program Files\APlusGamer_63\bar\1.bin\NP63Stub.dll File not found
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll File not found
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll File not found
O3 - HKU\S-1-5-21-4029578848-2330232405-1189657799-1004\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll File not found
O4 - Startup: C:\Users\Kyle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\FrostWire On Startup.lnk = File not found
O4 - Startup: C:\Users\Kyle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LimeWire On Startup.lnk = File not found
O4 - Startup: C:\Users\Laurie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\GoZone iSync.lnk = File not found
O4 - Startup: C:\Users\Laurie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LimeWire On Startup.lnk = File not found
O4 - Startup: C:\Users\Laurie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk = File not found
O9 - Extra 'Tools' menuitem : My kikin - {0F7195C2-6713-4d93-A1BC-DA5FA33F0A65} - Reg Error: Key error. File not found
O15 - HKU\S-1-5-21-4029578848-2330232405-1189657799-1004\..Trusted Ranges: Range1 ([http] in Local intranet)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll File not found
[2012/04/07 11:31:03 | 000,000,160 | ---- | C] () -- C:\ProgramData\-FLUvDrrsvEMHSJr
[2012/04/07 11:31:03 | 000,000,000 | ---- | C] () -- C:\ProgramData\-FLUvDrrsvEMHSJ
[2012/04/07 11:30:52 | 000,000,256 | ---- | C] () -- C:\ProgramData\FLUvDrrsvEMHSJ
[2012/01/23 15:31:34 | 000,001,744 | ---- | C] () -- C:\Users\Caila.Home-PC\AppData\Roaming\DeltaVw.lnk
[2012/01/08 20:33:33 | 000,000,272 | ---- | C] () -- C:\ProgramData\~tVt5W4talFVujc
[2012/01/08 20:33:33 | 000,000,168 | ---- | C] () -- C:\ProgramData\~tVt5W4talFVujcr
[2012/01/08 20:33:29 | 000,000,456 | ---- | C] () -- C:\ProgramData\tVt5W4talFVujc
[2011/11/29 09:26:00 | 000,000,312 | ---- | C] () -- C:\ProgramData\~yFWh8W17ADpzPj
[2011/11/29 09:26:00 | 000,000,216 | ---- | C] () -- C:\ProgramData\~yFWh8W17ADpzPjr
[2011/11/29 09:25:58 | 000,000,448 | ---- | C] () -- C:\ProgramData\yFWh8W17ADpzPj
@Alternate Data Stream - 120 bytes -> C:\ProgramData\Temp:EA029835

:Services

:Reg

:Files
C:\FRST

:Commands
[purity]
[emptytemp]
[emptyjava]
[emptyflash]
[Reboot]

• Then click the Run Fix button at the top
• Let the program run unhindered, reboot the PC when it is done
• You will get a log that shows the results of the fix. Please post it.

NOTE. If for any reason OTL stalls (most likely at "killing processes..." step) run the fix from safe mode.

Last scans...

Download Security Check from here or here and save it to your Desktop.

• Double-click SecurityCheck.exe
• Follow the onscreen instructions inside of the black box.
• A Notepad document should open automatically called checkup.txt; please post the contents of that document.

NOTE 1. If one of your security applications (e.g., third-party firewall) requests permission to allow DIG.EXE access the Internet, allow it to do so.
NOTE 2 SecurityCheck may produce some false warning(s), so leave the results reading to me.

Please download Farbar Service Scanner (FSS) and run it on the computer with the issue.

• Make sure the following options are checked:
  • Internet Services
  • Windows Firewall
  • System Restore
  • Security Center
  • Windows Update
  • Windows Defender
  • Other Services
• Press "Scan".
• It will create a log (FSS.txt) in the same directory the tool is run.
• Please copy and paste the log to your reply.

Download Temp File Cleaner (TFC)
Alternate download: http://www.itxassociates.com/OT-Tools/TFC.exe

• Double click on TFC.exe to run the program.
• Click on Start button to begin cleaning process.
• TFC will close all running programs, and it may ask you to restart computer.

Please run a free online scan with the ESET Online Scanner

• Disable your antivirus program
• Click on "Run ESET Online Scanner" button.
• Tick the box next to YES, I accept the Terms of Use
• Click Start
• Accept any security warnings from your browser.
• Check Scan archives
• Click Start
• ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
• When the scan completes, click on List of found threats
• Click on Export to text file , and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
• NOTE. If Eset won't find any threats, it won't produce any log.

 

[caila]

All processes killed
========== OTL ==========
Error: No service named vToolbarUpdater17.3.0 was found to stop!
Service\Driver key vToolbarUpdater17.3.0 not found.
File C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\ToolbarUpdater.exe not found.
Error: No service named LightScribeService was found to stop!
Service\Driver key LightScribeService not found.
File C:\Program Files\Common Files\LightScribe\LSSrvc.exe not found.
Error: No service named HP Health Check Service was found to stop!
Service\Driver key HP Health Check Service not found.
File c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe not found.
Error: No service named gusvc was found to stop!
Service\Driver key gusvc not found.
File C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe not found.
Error: No service named FLEXnet Licensing Service was found to stop!
Service\Driver key FLEXnet Licensing Service not found.
File C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe not found.
Error: No service named APlusGamer_63Service was found to stop!
Service\Driver key APlusGamer_63Service not found.
File C:\PROGRA~1\APLUSG~2\bar\1.bin\63barsvc.exe not found.
Error: No service named AdobeActiveFileMonitor7.0 was found to stop!
Service\Driver key AdobeActiveFileMonitor7.0 not found.
File C:\Program Files\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe not found.
Error: No service named X4HSX32 was found to stop!
Service\Driver key X4HSX32 not found.
File C:\Program Files\GameTap Web Player\bin\Release\X4HSX32.Sys not found.
Error: No service named ridyezhx was found to stop!
Service\Driver key ridyezhx not found.
File C:\Windows\system32\drivers\ridyezhx.sys not found.
Error: No service named NwlnkFwd was found to stop!
Service\Driver key NwlnkFwd not found.
File system32\DRIVERS\nwlnkfwd.sys not found.
Error: No service named NwlnkFlt was found to stop!
Service\Driver key NwlnkFlt not found.
File system32\DRIVERS\nwlnkflt.sys not found.
Error: No service named MpKsl053b1e33 was found to stop!
Service\Driver key MpKsl053b1e33 not found.
File c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{58D5CC33-7066-4F62-9D92-AFB8EDD364FD}\MpKsl053b1e33.sys not found.
Error: No service named IpInIp was found to stop!
Service\Driver key IpInIp not found.
File system32\DRIVERS\ipinip.sys not found.
Error: No service named ihnnqhek was found to stop!
Service\Driver key ihnnqhek not found.
File C:\Windows\system32\drivers\ihnnqhek.sys not found.
Error: No service named felcqgoa was found to stop!
Service\Driver key felcqgoa not found.
File C:\Windows\system32\drivers\felcqgoa.sys not found.
Error: No service named catchme was found to stop!
Service\Driver key catchme not found.
File C:\ComboFix\catchme.sys not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{313a832a-aaf3-4880-a8d0-c42bee319c02} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{313a832a-aaf3-4880-a8d0-c42bee319c02}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{38542454-dfb6-44f5-b052-d4e071a3d073} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{38542454-dfb6-44f5-b052-d4e071a3d073}\ not found.
HKU\S-1-5-21-4029578848-2330232405-1189657799-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyOverride| /E : value set successfully!
HKU\S-1-5-21-4029578848-2330232405-1189657799-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@APlusGamer_63.com/Plugin\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AA58ED58-01DD-4d91-8333-CF10577473F7}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{2318C2B1-4965-11d4-9B18-009027A5CD4F} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2318C2B1-4965-11d4-9B18-009027A5CD4F}\ not found.
Registry value HKEY_USERS\S-1-5-21-4029578848-2330232405-1189657799-1004\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F}\ not found.
File move failed. C:\Users\Kyle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\FrostWire On Startup.lnk scheduled to be moved on reboot.
File move failed. C:\Users\Kyle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LimeWire On Startup.lnk scheduled to be moved on reboot.
File move failed. C:\Users\Laurie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\GoZone iSync.lnk scheduled to be moved on reboot.
File move failed. C:\Users\Laurie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LimeWire On Startup.lnk scheduled to be moved on reboot.
File move failed. C:\Users\Laurie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk scheduled to be moved on reboot.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{0F7195C2-6713-4d93-A1BC-DA5FA33F0A65}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0F7195C2-6713-4d93-A1BC-DA5FA33F0A65}\ not found.
Registry value HKEY_USERS\S-1-5-21-4029578848-2330232405-1189657799-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\Range1\\http not found.
Starting removal of ActiveX control {E2883E8F-472F-4FB0-9522-AC9BF37916A7}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ms-itss\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0A9007C0-4076-11D3-8789-0000F8105754}\ not found.
File {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll File not found not found.
File C:\ProgramData\-FLUvDrrsvEMHSJr not found.
File C:\ProgramData\-FLUvDrrsvEMHSJ not found.
File C:\ProgramData\FLUvDrrsvEMHSJ not found.
File C:\Users\Caila.Home-PC\AppData\Roaming\DeltaVw.lnk not found.
File C:\ProgramData\~tVt5W4talFVujc not found.
File C:\ProgramData\~tVt5W4talFVujcr not found.
File C:\ProgramData\tVt5W4talFVujc not found.
File C:\ProgramData\~yFWh8W17ADpzPj not found.
File C:\ProgramData\~yFWh8W17ADpzPjr not found.
File C:\ProgramData\yFWh8W17ADpzPj not found.
Unable to delete ADS C:\ProgramData\Temp:EA029835 .
========== SERVICES/DRIVERS ==========
========== REGISTRY ==========
========== FILES ==========
File\Folder C:\FRST not found.
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 0 bytes

User: All Users

User: Caila
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Java cache emptied: 0 bytes
->Apple Safari cache emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Caila.Home-PC
->Temp folder emptied: 35227 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 0 bytes
->Google Chrome cache emptied: 0 bytes
->Apple Safari cache emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Guest
->Temp folder emptied: 0 bytes

User: Kyle
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 2437836814 bytes
->Java cache emptied: 40348553 bytes
->Google Chrome cache emptied: 418097782 bytes
->Apple Safari cache emptied: 9919488 bytes
->Flash cache emptied: 41550 bytes

User: Laurie
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 79861036 bytes
->Java cache emptied: 62114069 bytes
->Google Chrome cache emptied: 6185413 bytes
->Apple Safari cache emptied: 10724352 bytes
->Flash cache emptied: 150364 bytes

User: Michael
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 296347707 bytes
->Java cache emptied: 27208352 bytes
->FireFox cache emptied: 41575706 bytes
->Google Chrome cache emptied: 74968717 bytes
->Apple Safari cache emptied: 13214720 bytes
->Flash cache emptied: 15633270 bytes

User: Public
->Temp folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 37023 bytes
RecycleBin emptied: 5662 bytes

Total Files Cleaned = 3,371.00 mb


[EMPTYJAVA]

User: Administrator

User: All Users

User: Caila
->Java cache emptied: 0 bytes

User: Caila.Home-PC
->Java cache emptied: 0 bytes

User: Default

User: Default User

User: Guest

User: Kyle
->Java cache emptied: 0 bytes

User: Laurie
->Java cache emptied: 0 bytes

User: Michael
->Java cache emptied: 0 bytes

User: Public

Total Java Files Cleaned = 0.00 mb


[EMPTYFLASH]

User: Administrator

User: All Users

User: Caila
->Flash cache emptied: 0 bytes

User: Caila.Home-PC
->Flash cache emptied: 0 bytes

User: Default
->Flash cache emptied: 0 bytes

User: Default User
->Flash cache emptied: 0 bytes

User: Guest

User: Kyle
->Flash cache emptied: 0 bytes

User: Laurie
->Flash cache emptied: 0 bytes

User: Michael
->Flash cache emptied: 0 bytes

User: Public

Total Flash Files Cleaned = 0.00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 02052014_192322

Files\Folders moved on Reboot...
File\Folder C:\Users\Kyle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\FrostWire On Startup.lnk not found!
File\Folder C:\Users\Kyle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LimeWire On Startup.lnk not found!
File\Folder C:\Users\Laurie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\GoZone iSync.lnk not found!
File\Folder C:\Users\Laurie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LimeWire On Startup.lnk not found!
File\Folder C:\Users\Laurie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk not found!

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

 

[caila]

Results of screen317's Security Check version 0.99.79
Windows Vista Service Pack 2 x86 (UAC is enabled)
Internet Explorer 9
Internet Explorer 8
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
Microsoft Security Essentials
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
McAfee SiteAdvisor
Malwarebytes Anti-Malware version 1.75.0.1300
Java(TM) 6 Update 21
Java version out of Date!
Adobe Flash Player 12.0.0.44
Adobe Reader 9 Adobe Reader out of Date!
Mozilla Firefox 16.0.1 Firefox out of Date!
Google Chrome 31.0.1650.63
Google Chrome 32.0.1700.102
````````Process Check: objlist.exe by Laurent````````
Microsoft Security Essentials MSMpEng.exe
Microsoft Security Essentials msseces.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 0 %
````````````````````End of Log``````````````````````

 

[caila]

Farbar Service Scanner Version: 02-02-2014
Ran by Caila (administrator) on 05-02-2014 at 19:49:52
Running from "C:\Users\Caila.Home-PC\Downloads"
Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Security Center:
============


Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\system32\nsisvc.dll => MD5 is legit
C:\Windows\system32\Drivers\nsiproxy.sys => MD5 is legit
C:\Windows\system32\dhcpcsvc.dll => MD5 is legit
C:\Windows\system32\Drivers\afd.sys => MD5 is legit
C:\Windows\system32\Drivers\tdx.sys => MD5 is legit
C:\Windows\system32\Drivers\tcpip.sys
[2013-08-14 04:14] - [2013-07-04 21:20] - 0914880 ____A (Microsoft Corporation) 6D0D344F643E28B31262AC2682109A3C

C:\Windows\system32\dnsrslvr.dll => MD5 is legit
C:\Windows\system32\mpssvc.dll => MD5 is legit
C:\Windows\system32\bfe.dll => MD5 is legit
C:\Windows\system32\Drivers\mpsdrv.sys => MD5 is legit
C:\Windows\system32\SDRSVC.dll => MD5 is legit
C:\Windows\system32\vssvc.exe => MD5 is legit
C:\Windows\system32\wscsvc.dll => MD5 is legit
C:\Windows\system32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\system32\wuaueng.dll => MD5 is legit
C:\Windows\system32\qmgr.dll => MD5 is legit
C:\Windows\system32\es.dll => MD5 is legit
C:\Windows\system32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\system32\ipnathlp.dll => MD5 is legit
C:\Windows\system32\iphlpsvc.dll => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit


**** End of log ****

 

[caila]

C:\Users\All Users\mfbnnphicmaeembbfonijdllbnmfamjk\qnUuUQwVk.js Win32/Adware.MultiPlug.H application
C:\AdwCleaner\Quarantine\C\Program Files\optimizer pro\OptimizerPro.exe.vir a variant of Win32/SpeedingUpMyPC application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files\optimizer pro\OptProLauncher.exe.vir a variant of Win32/AdWare.SpeedingUpMyPC.D application cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Program Files\optimizer pro\OptProSmartScan.exe.vir a variant of Win32/Adware.SpeedingUpMyPC.C application cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Program Files\Yontoo\Y2Desktop.Updater.exe.vir Win32/AdWare.Yontoo.F application cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\_Setupx.dll.vir a variant of Win32/Adware.Yontoo.B application cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\ProgramData\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\_Setupx.dll.vir a variant of Win32/Adware.Yontoo.B application cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Users\Caila.Home-PC\AppData\Local\torch\User Data\Default\Extensions\ebbgekjnnkepohhbijeinlmlnfhapiem\2.3\ZYDVbag.js.vir Win32/Adware.MultiPlug.H application cleaned by deleting - quarantined
C:\Program Files\GreeatSaveur\htBdqy.x64.dll a variant of Win64/Adware.MultiPlug.A application cleaned by deleting - quarantined
C:\ProgramData\mfbnnphicmaeembbfonijdllbnmfamjk\qnUuUQwVk.js Win32/Adware.MultiPlug.H application cleaned by deleting - quarantined
C:\Qoobox\Quarantine\C\ProgramData\Microsoft\Windows\DRM\8B1.tmp.vir a variant of Win32/Kryptik.ACMP trojan cleaned by deleting - quarantined
C:\Users\Caila.Home-PC\AppData\Roaming\Mozilla\Firefox\Profiles\y7ng6mir.default\extensions\ackgooaouea@vpzopmbt.com\content\bg.js Win32/Adware.MultiPlug.H application cleaned by deleting - quarantined
C:\Users\Caila.Home-PC\AppData\Roaming\Mozilla\Firefox\Profiles\y7ng6mir.default\extensions\aziog@oyjndsyp.org\content\bg.js Win32/Adware.MultiPlug.H application cleaned by deleting - quarantined
C:\Users\Caila.Home-PC\Downloads\Setup (1).exe a variant of Win32/AdWare.iBryte.P application cleaned by deleting - quarantined
C:\Users\Caila.Home-PC\Downloads\update_alternative_clothing.zip Win32/Ponmocup.AA trojan deleted - quarantined
C:\Users\Kyle\AppData\Local\Google\Chrome\User Data\Default\Extensions\ebbgekjnnkepohhbijeinlmlnfhapiem\2.3\ZYDVbag.js Win32/Adware.MultiPlug.H application cleaned by deleting - quarantined
C:\Users\Kyle\AppData\Local\Google\Chrome\User Data\Default\Extensions\niapdbllcanepiiimjjndipklodoedlc\1.0.3_0\back.js JS/Adware.Yontoo.B application cleaned by deleting - quarantined
C:\Users\Kyle\AppData\Local\Google\Chrome\User Data\Default\Extensions\niapdbllcanepiiimjjndipklodoedlc\1.0.3_0\yl.js JS/Adware.Yontoo.A application cleaned by deleting - quarantined
C:\Users\Laurie\AppData\Local\Google\Chrome\User Data\Default\Extensions\ebbgekjnnkepohhbijeinlmlnfhapiem\2.3\ZYDVbag.js Win32/Adware.MultiPlug.H application cleaned by deleting - quarantined
C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\ebbgekjnnkepohhbijeinlmlnfhapiem\2.3\ZYDVbag.js Win32/Adware.MultiPlug.H application cleaned by deleting - quarantined
C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\niapdbllcanepiiimjjndipklodoedlc\1.0.3_0\back.js JS/Adware.Yontoo.B application cleaned by deleting - quarantined
C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\niapdbllcanepiiimjjndipklodoedlc\1.0.3_0\yl.js JS/Adware.Yontoo.A application cleaned by deleting - quarantined
C:\Users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\rzullgfj.default\extensions\staged\ackgooaouea@vpzopmbt.com\content\bg.js Win32/Adware.MultiPlug.H application cleaned by deleting - quarantined
C:\Users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\rzullgfj.default\extensions\staged\aziog@oyjndsyp.org\content\bg.js Win32/Adware.MultiPlug.H application cleaned by deleting - quarantined
C:\Windows\Installer\456e346a.msi a variant of Win32/AdWare.Adpeak.B application deleted - quarantined
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\niapdbllcanepiiimjjndipklodoedlc\1.0.3_0\back.js JS/Adware.Yontoo.B application cleaned by deleting - quarantined
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\niapdbllcanepiiimjjndipklodoedlc\1.0.3_0\yl.js JS/Adware.Yontoo.A application cleaned by deleting - quarantined

 

[Broni]

Update Firefox to the current 26.0 version.

Update Adobe Flash Player: http://get.adobe.com/flashplayer/
Make sure you UN-check Yes, install McAfee Security Scan Plus

NOTE 1: Beginning with Adobe Flash Version 11.3, the universal installer includes the 32-bit and 64-bit versions of the Flash Player.
NOTE 2: While installing make sure you UN-check any extra garbage which wants to install alongside.

Update Adobe Reader

You can download it from https://www.techspot.com/downloads/2083-adobe-reader-dc.html
After installing the latest Adobe Reader, uninstall all previous versions (if present).
Note. If you already have Adobe Photoshop® Album Starter Edition installed or do not wish to have it installed UNcheck the box which says Also Download Adobe Photoshop® Album Starter Edition.

1. Update your Java version here: https://www.techspot.com/downloads/6463-java-se.html
Alternate download: http://www.java.com/en/download/manual.jsp

Note 1: UNCHECK any pre-checked toolbar and/or software offered with the Java update. The pre-checked toolbars/software are not part of the Java update.

Note 2: If you're running 64-bit system make sure you install BOTH, 32-bit and 64-bit Java.

Note 3: The Java Quick Starter (JQS.exe) adds a service to improve the initial startup time of Java applets and applications. If you don't want to run another extra service, go to Start > Control Panel > Java > Advanced > Miscellaneous and uncheck the box for Java Quick Starter. Click OK and restart your computer.

2. Now, we need to remove old Java version and its remnants...

Download JavaRa to your desktop and unzip it.

• Run JavaRa.exe (Vista and 7 users! Right click on JavaRa.exe, click Run As Administrator), pick the language of your choice and click Select. Then click Remove Older Versions.
• Accept any prompts.
• Do NOT post JavaRa log.

==================================

Your computer is clean

1. We need to reset system restore to prevent your computer from being accidentally reinfected by using some old restore point(s). We'll create fresh, clean restore point, using following OTL script:

Run OTL

• Under the Custom Scans/Fixes box at the bottom, paste in the following:

:OTL
:Commands
[purity]
[emptytemp]
[EMPTYFLASH]
[emptyjava]
[CLEARALLRESTOREPOINTS]
[Reboot]

• Then click the Run Fix button at the top
• Let the program run unhindered, reboot the PC when it is done
• Post resulting log.

2. Now, we'll remove all tools, we used during our cleaning process

Clean up with OTL:

• Double-click OTL.exe to start the program.
• Close all other programs apart from OTL as this step will require a reboot
• On the OTL main screen, press the CLEANUP button
• Say Yes to the prompt and then allow the program to reboot your computer.

If you still have any tools or logs leftover on your computer you can go ahead and delete those off of your computer now.

3. Make sure Windows Updates are current.

4. If any trojans, rootkits or bootkits were listed among your infection(s), make sure, you change all of your on-line important passwords (bank account(s), secured web sites, etc.) immediately!

5. Check if your browser plugins are up to date.
Firefox - https://www.mozilla.org/en-US/plugincheck/
other browsers: https://browsercheck.qualys.com/ (click on "Launch a quick scan now" link)

6. Download, and install WOT (Web OF Trust): http://www.mywot.com/. It'll warn you (in most cases) about dangerous web sites.

7. Run Malwarebytes "Quick scan" once in a while to assure safety of your computer.

8. Run Temporary File Cleaner (TFC), AdwCleaner and Junkware Removal Tool (JRT) weekly.

9. Download and install Secunia Personal Software Inspector (PSI): https://www.techspot.com/downloads/4898-secunia-personal-software-inspector-psi.html. The Secunia PSI is a FREE security tool designed to detect vulnerable and out-dated programs and plug-ins which expose your PC to attacks. Run it weekly.

10. (optional) If you want to keep all your programs up to date, download and install FileHippo Update Checker.
The Update Checker will scan your computer for installed software, check the versions and then send this information to FileHippo.com to see if there are any newer releases.

11. (Windows XP only) Run defrag at your convenience.

12. When installing\updating ANY program, make sure you always select "Custom " installation, so you can UN-check any possible "drive-by-install" (foistware), like toolbars etc., which may try to install along with the legitimate program. Do NOT click "Next" button without looking at any given page.

13. Read:
How did I get infected?, With steps so it does not happen again!: http://www.bleepingcomputer.com/forums/topic2520.html
Simple and easy ways to keep your computer safe and secure on the Internet: http://www.bleepingcomputer.com/tutorials/keep-your-computer-safe-online/

14. Please, let me know, how your computer is doing.

 

[caila]

I don't think Java is updating/installing correctly. JavaRa won't open because it says my WinZip is outdated or something like that? Also, should I be using Firefox, I've been using google chrome as my default browser